This topic describes the release notes for Security Center and provides links to the relevant references.
2022
December 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Container escape prevention | New feature | The feature of container escape prevention is released. The feature detects risky operations from multiple dimensions such as processes, files, and system calls, and establishes protection barriers between containers and hosts. The protection barriers effectively block escape behavior and ensure the runtime security of containers. | Ultimate | 2022-12-22 | Use container escape prevention |
Image vulnerability whitelist | New feature | The feature of image vulnerability whitelist is released. You can create a whitelist for image vulnerabilities to exclude specific vulnerabilities that you do not want to detect. | Ultimate | 2022-12-15 | Scan images |
Overview tab in the Assets module | Feature iteration | The Overview tab in the Assets module is optimized. | All editions | 2022-12-14 | View information on the Overview tab |
Cloud sandbox check | New feature | The feature of cloud sandbox check is released. The feature provides an environment to safely run files in isolation and analyzes dynamic and static behavior data of the files. This way, you can run suspicious applications in a secure manner and detect suspicious behavior of files. | All editions | 2022-12-14 | View and handle alert events |
Adaptive blocking rule for webshell communication | New feature | The detection model of the malicious behavior defense type can detect webshell communication. You can create an adaptive interception rule for webshell communication to detect suspicious webshell traffic after you run malicious files. This prevents attackers from exploiting suspicious traffic. | Enterprise and Ultimate | 2022-12-13 | View and handle alert events |
November 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Attack source analysis | New feature | Analysis reports on attacks from different source IP addresses and attacker profiles are provided. | Anti-virus, Advanced, Enterprise, and Ultimate | 2022-11-30 | View the source tracing results of attacks |
Application protection | Feature iteration | The procedures of enabling application protection for applications and containers are optimized. | Advanced, Enterprise, and Ultimate | 2022-11-30 | Application protection |
Agentless detection (in public preview) | New feature | The agentless detection feature is released. The feature adopts the agentless technology to detect security risks on Elastic Compute Service (ECS) instances, precluding the need to install the Security Center agent. | Advanced, Enterprise, and Ultimate | 2022-11-30 | Use the agentless detection feature |
Configuration assessment | New feature | The service-linked role AliyunServiceRoleForSasCspm can be created for the configuration assessment feature. | Advanced, Enterprise, and Ultimate | 2022-11-21 | Service-linked roles for Security Center |
Anti-ransomware | Feature iteration | Simple application servers are supported by the anti-ransomware feature. | Anti-virus, Advanced, Enterprise, and Ultimate | 2022-11-17 | Overview |
Application protection | Feature iteration | The application security feature is renamed the application protection feature. The entry point to the feature is moved to Protection Configuration in the left-side navigation pane. | Advanced, Enterprise, and Ultimate | 2022-11-17 | Application protection |
Container image scan | New feature | The feature of container image scan is provided to detect common sensitive files. The feature also checks whether sensitive data exists in custom image files. | Ultimate | 2022-11-15 | View sensitive image files |
Multi-cloud configuration management | Feature iteration | Servers that are not deployed on Alibaba Cloud can be added to the Singapore management center. | All editions | 2022-11-10 | Use multi-cloud configuration management |
Protection of self-managed Kubernetes clusters | New feature | Log-based threat detection can be enabled for self-managed Kubernetes clusters that are connected to Security Center. | Ultimate | 2022-11-10 | Connect a self-managed Kubernetes cluster to Security Center |
October 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Container management | Feature iteration | The details page of a cluster is re-designed. You can view the risks in a cluster by cluster, node, and application. | Ultimate | 2022-10-14 | View security information about containers |
Alert management | Feature iteration | Alerts can be viewed and handled by container and host. | Ultimate | 2022-10-14 | View and handle alert events |
September 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Container image scan | Feature iteration | The risk statistics section on the Image Security page is optimized. | Ultimate | 2022-09-23 | View image scan results |
Proxy access | New feature | ECS instances that reside in a VPC and are inaccessible over the Internet can be added to Security Center by using the proxy access feature. You can also use the feature to manage the uplink traffic of the ECS instances. The uplink traffic refers to the traffic from ECS instances to Security Center. | All editions | 2022-09-22 | Use the proxy access feature |
Container image scan | Feature iteration | Container runtime image scans are supported. | Ultimate | 2022-09-17 | Scan images |
August 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Vulnerability management | Feature iteration | The vulnerability scan progress can be viewed in the list of vulnerability scan tasks. | All editions | 2022-08-22 | Scan for vulnerabilities |
Billing | Feature iteration | Specification changes and renewal can be performed at the same time. When you renew Security Center, you can change the specifications of Security Center. The existing specifications of Security Center are retained during the current subscription period. When the renewal order takes effect, the new specifications are automatically applied. | All editions | 2022-08-16 | Renew the subscription to Security Center |
Billing | Feature iteration | The entry points to Security Center upgrade and specification downgrade are separately provided. | All editions | 2022-08-16 | Upgrade and downgrade Security Center |
Server management | Feature iteration | A server group can be created when you change the server group for a server. | All editions | 2022-08-10 | Manage servers |
Cloud honeypot | Feature iteration | A honeypot can be deployed in a server in a data center by using a proxy server. When you create a probe in the Security Center console, you must configure a proxy IP address for the server. This way, you can deploy the honeypot in the server in proxy mode. | All editions | 2022-08-05 | Configure a honeypot |
July 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Architecture | Feature iteration | The menu in the left-side navigation pane of the Security Center console is adjusted. | All editions | 2022-07-21 | None |
Baseline check | Feature iteration | The Risk Details tab is added to the Baseline Check page. You can click Details in the Actions column of a check item on this tab to view the servers that are affected. | Advanced, Enterprise, and Ultimate | 2022-07-21 | Baseline check |
Billing | Feature iteration | The basic fee of Security Center Ultimate on the Alibaba Cloud International site is adjusted. | Ultimate | 2022-07-21 | Billing |
Container management | Feature iteration | The method used to connect self-managed Kubernetes clusters to Security Center is modified. | Ultimate | 2022-07-19 | Connect a self-managed Kubernetes cluster to Security Center |
Alert management | Feature iteration |
| Anti-virus, Advanced, Enterprise, and Ultimate | 2022-07-16 | View and handle alert events |
Server management | Feature iteration | The details page of a server is optimized. The O&M and Monitoring tab is added to the page. The tab displays information that is originally displayed on the Cloud Assistant and CloudMonitor tabs. | All editions | 2022-07-04 | Manage servers |
June 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Application security | New feature | The application security feature is released. You can use the feature without the need to change application code. You need to only install the application security agent on the processes related to the applications that you want to protect. The feature can protect your applications against attacks that are launched by exploiting most unknown vulnerabilities. | Advanced, Enterprise, and Ultimate | 2022-06-14 | Application protection |
Baseline check | Feature iteration | The supported baselines are updated. | Advanced, Enterprise, and Ultimate | 2022-06-14 | Baseline check |
Web tamper proofing | Feature iteration | The list of operating systems and kernels that web tamper proofing supports is updated. | Advanced, Enterprise, and Ultimate | 2022-06-16 | Use the feature of web tamper proofing |
Billing | Feature iteration | The basic fee of Security Center Ultimate on the Alibaba Cloud International site is adjusted. | Ultimate | 2022-06-24 | Billing |
Container image scan | Feature iteration | The value of the Speed Limit parameter that specifies the speed for image scans is configurable. You can specify a custom value for the parameter when you scan images in a Harbor image repository. This helps improve the efficiency of image scans. | Advanced, Enterprise, and Ultimate | 2022-06-28 | Manage image repositories |
May 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Global log filtering | New feature | The global log filtering feature is released. The feature helps ensure security, improve the utilization of log storage, and ensure the quality of collected logs. The feature also improves operational efficiency. | All editions | 2022-05-19 | Global Log Filter |
Malicious behavior defense | Feature iteration | The malicious behavior defense feature is available for the Advanced edition. | Advanced, Enterprise, and Ultimate | 2022-05-19 | Use the malicious behavior defense feature |
Multi-cloud configuration management | Feature iteration | The feature of multi-cloud configuration management is released. The feature allows you to add servers of third-party cloud service providers, such as Tencent Cloud and Amazon Web Service (AWS), to Security Center. | All editions | 2022-05-19 | Use multi-cloud configuration management |
Baseline check | Feature iteration | The baseline check items are updated. After the update, the baseline check items are classified based on the following baseline types:
| Advanced, Enterprise, and Ultimate | 2022-05-19 | Baseline check |
Assets | Feature iteration | The Container page is re-designed. The information about containers is displayed on the Image and Cluster tabs from different dimensions. | All editions | 2022-05-19 | View security information about containers |
Security report | Feature iteration | The security report feature is released. The feature allows you to specify a custom time range in which you want security reports to be sent. | Advanced, Enterprise, and Ultimate | 2022-05-19 | Create a security report |
Baseline check | Feature iteration | Snapshot creation is supported before you handle baseline risks. | Advanced, Enterprise, and Ultimate | 2022-05-05 | Baseline check |
April 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Cloud honeypot | Feature iteration | The cloud honeypot feature is released. You can purchase and use the feature in the Security Center console. The cloud honeypot feature provides capabilities such as attack discovery and attack source tracing within and outside the cloud. You can create honeypots in VPCs and on the servers that are protected by Security Center. This protects the servers from attacks that are launched within and outside the cloud and provides proactive defense capabilities. | All editions | 2022-04-26 | Overview, Purchase the cloud honeypot feature, Configure a honeypot, and View and handle alerts |
Proactive defense for containers | New feature | The feature of proactive defense for containers is released. The feature detects risks on an image when you use the image to create resources in a cluster. The feature allows you to create a container defense policy for a cluster. If an image hits the container defense policy, Security Center handles the image that is started in the cluster based on the action of the policy. The action can be Block, Alert, or Allow. This ensures that the image does not affect your business. | Ultimate | 2022-04-19 | Use the feature of proactive defense for containers |
Container image scan | Feature iteration | The list of image scan results can be exported. | Advanced, Enterprise, and Ultimate | 2022-04-12 | View image scan results |
Log analysis | Feature iteration | Some log fields are added to the process logs and network connection logs. | Anti-virus, Advanced, Enterprise, and Ultimate | 2022-04-08 | Log fields |
Basic task | Feature iteration | The page on which you can complete basic tasks is re-designed. | Anti-virus, Advanced, Enterprise, and Ultimate | 2022-04-08 | Complete basic tasks |
Assets | Feature iteration | The feature of asset information collection is released. You can use the feature to synchronize the information about your assets. You can also use the feature to collect information about your servers. The information includes the MAC addresses and kernel versions of your servers. | All editions | 2022-04-08 | Manage servers |
Attack analysis | Feature iteration | The attack analysis feature is improved to block webshells and provide instructions on how to disable defense rules. | Enterprise and Ultimate | 2022-04-01 | Attack awareness |
March 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Baseline check | Feature iteration | The Baseline Check page is re-designed. | All editions | 2022-03-11 | Baseline check |
Agent troubleshooting | Feature iteration | The agent troubleshooting feature is optimized. | All editions | 2022-03-18 | Use the agent troubleshooting feature |
Anti-ransomware | Feature iteration | The maximum number of protected directories that you can specify when you create an anti-ransomware policy for servers is increased from 8 to 20. | Anti-virus, Advanced, Enterprise, and Ultimate | 2022-03-25 | Create an anti-ransomware policy |
February 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Assets | Feature iteration | The entry point to the asset fingerprints feature is migrated to the Server(s) tab on the Assets page. The asset fingerprints such as the fingerprints of databases and web services can be collected. | Enterprise and Ultimate | 2022-02-22 | Manage servers and Use the asset fingerprints feature |
Overview | Feature iteration | The Overview page is re-designed, and the statistics that you must take note of are conspicuously displayed. | All editions | 2022-02-22 | Overview |
CI/CD | New feature | The feature of CI/CD-based container image scan is released. After you install the CI/CD plug-in for a Jenkins Freestyle or Pipeline project or GitHub Actions, Security Center scans images in the project or GitHub for risks when you build the images. The risks include high-risk system vulnerabilities, application vulnerabilities, viruses, webshells, malicious execution scripts, configuration risks, and sensitive data. If Security Center detects vulnerabilities, Security Center provides solutions to help you fix the vulnerabilities. | Ultimate | 2022-02-22 | Overview, Obtain a token of the CI/CD plug-in, Install the CI/CD plug-in for a Jenkins Freestyle project, Install the CI/CD plug-in for a Jenkins Pipeline project, Install the CI/CD plug-in for GitHub Actions, and View image scan results |
Malicious behavior defense | Feature iteration | The ATT&CK Phase section is added to the Host defense rules tab of the Malicious behavior Defense page. You can select an attack phase in the section to query system defense rules. | Enterprise and Ultimate | 2022-02-26 | Use the malicious behavior defense feature |
Threat intelligence from ThreatBook | Discontinued feature | The feature of threat intelligence from ThreatBook is unpublished. | Anti-virus, Advanced, Enterprise, and Ultimate | 2022-02-26 | None |
January 2022
Feature | Category | Description | Involved edition | Release date | References |
---|---|---|---|---|---|
Vulnerability fixing | Feature iteration | In the upper-right corner of the vulnerability list on the Vulnerabilities page, the Show only real risk vulnerabilities switch is added. After you turn on the switch, Security Center displays only the vulnerabilities whose urgency score is high in the vulnerability list. After you turn off the switch, Security Center displays all vulnerabilities in the vulnerability list. | All editions | 2022-01-11 | Overview |
Container image scan | Feature iteration | The Image Security page is modified. The Docker Hub Scan tab is migrated to the upper-right corner of the Image Security page. The Image security scan tab is removed from the Image Security page. You can view the details of image scan results on the Image Security page. | Ultimate and Enterprise | 2022-01-07 | Add image repositories to Security Center, Scan images, and View image scan results |
2021
December 2021
Release date | Description | Involved edition |
---|---|---|
2021-12-23 | The multi-account control feature is supported by all editions of Security Center. | All editions |
2021-12-23 | Up to eight protected directories can be specified in a custom anti-ransomware policy for a server. | Anti-virus, Advanced, Enterprise, and Ultimate |
2021-12-15 | A custom retention period can be specified for backup data of a server. This configuration is supported by the feature of anti-ransomware for servers. | Anti-virus, Advanced, Enterprise, and Ultimate |
2021-12-15 | Baseline risks and configuration risks of cloud services are no longer detected during a quick scan for vulnerabilities. | Advanced, Enterprise, and Ultimate |
2021-12-01 | The container firewall feature is updated. You can create a defense rule to allow, block, or generate alerts for access traffic. You can specify eight port ranges in a defense rule. | Ultimate |
2021-12-01 | The feature of container network topology is updated. The following list describes the update details:
| Ultimate |
November 2021
Release date | Description | Involved edition |
---|---|---|
2021-11-26 | The multi-account control feature is updated. After the update, you can configure the Security Center agent installed on the assets that belong to a member, scan for vulnerabilities in the assets, and configure baseline check policies for the assets. | Ultimate and Enterprise |
2021-11-25 | The Scanning Modes parameter is removed from the Settings panel of the Vulnerabilities page. | All editions |
2021-11-25 | The feature of anti-ransomware for servers is updated. After the update, you can specify more than 100 servers when you create an anti-ransomware policy. | All editions |
2021-11-19 | The honeypot feature is supported in more regions. After the update, the feature is supported in all regions. | Ultimate and Enterprise |
2021-11-04 | The Vulnerability retention duration parameter is added to the Scan Settings panel of the Image Security page. This parameter specifies the period of time during which the scan results are retained. You can configure this parameter based on your business requirements. The scan results are automatically deleted when the specified retention period elapsed. | Ultimate and Enterprise |
October 2021
Release date | Description | Involved edition |
---|---|---|
2021-10-30 | More operating system versions are supported by the feature of anti-ransomware for servers. The feature of anti-ransomware for databases is supported in more regions. More database and operating system versions are supported by the feature of anti-ransomware for databases. | Anti-virus, Advanced, Enterprise, and Ultimate |
2021-10-30 | The feature of anti-ransomware for servers is updated. V1.0 anti-ransomware policies can no longer be edited but can be upgraded to V2.0 anti-ransomware policies with a few clicks. | Anti-virus, Advanced, Enterprise, and Ultimate |
2021-10-21 | Notifications for virus scan tasks and excess logs are supported by the notification feature. | All editions |
2021-10-19 | A delegated administrator account can be specified by using the multi-account control feature. You can specify a member as a delegated administrator account of Security Center. After you specify a member as a delegated administrator account, the member is authorized by the management account of your resource directory to perform the following operations: access and manage the information of your resource directory in Security Center, and view the risks that are detected in managed accounts. The information includes the organization and members of the resource directory. | Ultimate and Enterprise |
September 2021
Release date | Description | Involved edition |
---|---|---|
2021-09-29 | The types of vulnerabilities that can be detected by quick scan tasks in the Anti-virus edition are changed to the same types in the Basic edition. | Anti-virus |
2021-09-16 | The PID column is added to the fingerprint list of the Process tab on the Asset Fingerprints page. The PID column displays the process IDs (PIDs). | All editions |
2021-09-06 | The agent troubleshooting feature is added to the Assets page. If the Security Center agent is offline, the agent fails to be installed or uninstalled, or the processes of the Security Center agent have a high CPU utilization, you can use the agent troubleshooting feature to troubleshoot issues that occur on the Security Center agent. | All editions |
2021-09-06 | The features of AccessKey pair leak detection and configuration assessment are supported in the Singapore (Singapore) region. | All editions |
2021-09-06 | The malicious behavior defense feature is released. You can use the feature to enable or disable system defense rules, and manage the assets to which each rule is applied based on your business requirements. | Ultimate and Enterprise |
2021-09-06 | Custom baseline check policies can be configured. You can configure custom baseline check policies based on your business requirements. | Advanced, Enterprise, and Ultimate |
2021-09-06 | The feature of asset management rules is optimized. You can create an asset management rule and specify a server group and a tag in the rule. | All editions |
August 2021
Release date | Description | Involved edition |
---|---|---|
2021-08-19 | The feature of anti-ransomware for databases is supported. This feature allows you to create protection policies for MySQL databases, Oracle databases, and SQL Server databases that are deployed on Elastic Compute Service (ECS) instances. The policies protect these databases from ransomware. | All paid editions |
2021-08-12 | Detected image vulnerabilities can be exported. | Ultimate |
2021-08-12 | The feature of malicious behavior defense is supported. This feature allows you to select servers to protect based on the rules that are used to defend against malicious behavior. | Enterprise |
July 2021
Release date | Description | Involved edition |
---|---|---|
2021-07-22 | Docker Hub images can be scanned. Security Center allows you to obtain the security posture of all images in Docker Hub. Security Center also provides the threat intelligence of basic images free of charge. | Basic |
2021-07-22 | The network connections between containers and the Internet can be visualized. | Ultimate |
2021-07-22 | Servers deployed on Tencent Cloud and servers in data centers can be connected to Security Center in a hybrid cloud architecture. | Basic |
May 2021
Release date | Description | Involved edition |
---|---|---|
2021-05-21 | The container firewall feature is supported. | Ultimate |
2021-05-13 | The Port column is added to the Attack Awareness page. The port of an attacked asset is displayed in the column only when the type of an attack is SSH Brute force cracking. | Enterprise and Ultimate |
April 2021
Release date | Description | Involved edition |
---|---|---|
2021-04-25 | A topic that introduces Security Center Basic is provided. This topic describes how to use Security Center Basic. | Basic |
2021-04-22 | An icon that indicates a weak password is provided. This icon is displayed in the communication link topology only if a weak password is detected on the asset. | Enterprise and Ultimate |
2021-04-22 | The Select all button is added to the panel that displays the details of a Linux software vulnerability. You can click this button to select all assets on which the vulnerability is detected. This makes vulnerability handling more efficient. | All editions |
2021-04-15 | Vulnerabilities that are detected by using software component analysis are displayed in the list of application vulnerabilities in a security report. | Enterprise and Ultimate |
2021-04-08 | The feature of asset exposure analysis is improved from the following aspects:
| Enterprise and Ultimate |
2021-04-08 | Risky Container(s) is added to the Container tab of the Assets page. | All editions |
2021-04-01 | Prevention Mode can be set to Interception Mode or Alert Mode when you enable web tamper proofing. | All paid editions |
2021-04-01 | A check item named Devops Codeup-Codebase Protection is added for configuration assessment. | Advanced, Enterprise, and Ultimate |
2021-04-01 | The Container firewall exception alert notification and Container firewall proactive defense notification items are added to the Notifications tab. | Ultimate |
2021-04-01 | In the left section of the Radar tab, Cluster, Application, Container, Work(s), and Image can be clicked. After you click one of these items, you can view the assets of a specific type on the Container tab of the Assets page. | Ultimate |
March 2021
Release date | Description | Involved edition |
---|---|---|
2021-03-30 | The feature of ISO 27001 compliance check is supported. | All editions |
2021-03-30 | StartTime and EndTime can be configured if Execution Time is set to Custom Time when you create a task on the Playbook page. | Enterprise and Ultimate |
2021-03-25 | Weak passwords that are detected on exposed assets are displayed on the Exposure Analysis page. | Enterprise and Ultimate |
2021-03-25 | The number of container image scans that have been performed in the last seven days is displayed on the Image Security page. | Advanced, Enterprise, and Ultimate |
2021-03-25 | The vulnerabilities that are detected by Cloud Firewall are displayed on the Vulnerabilities page. On the Vulnerabilities page, the Cloud firewall Supports Virtual patches tag is used to indicate a vulnerability that is detected by Cloud Firewall. You can click the tag to go to the Cloud Firewall console to fix the vulnerability. | All editions |
2021-03-18 | The Restore target Directory column is added to the list of restoration tasks in the Restore Tasks panel. The panel appears after you click a number below Restoring / Records on the General Anti-ransomware Solutions page. | All paid editions |
2021-03-09 | Active defense experience optimization on the General tab of the Settings page is available only for the users of the Enterprise and Ultimate editions. | Basic, Anti-virus, and Advanced |
2021-03-09 | Alerts of the Precision defense type can be added to the whitelist. You can customize the whitelist policy based on the alert details. After you add these alerts to the whitelist, Security Center no longer sends you alert notifications when the alerts are generated. | All paid editions |
2021-03-09 | The About Us tab is added to the page that appears after you click Overview in the left-side navigation pane. The added tab provides the architecture of Security Center, security capabilities provided by Security Center, and the introduction to security experts. | All editions |
February 2021
Release date | Description | Involved edition |
---|---|---|
2021-02-25 | The feature of automatic alert correlation analysis is added on the General tab of the Settings page. In the Alarm aggregation switch section of the General tab, you can turn on Alert Association to automatically aggregate the alerts of the same type. This makes alert handling more efficient. | Anti-virus, Advanced, Enterprise, and Ultimate |
2021-02-25 | The deduction item that indicates scope configurations for container image scans is added. | Advanced, Enterprise, and Ultimate |
2021-02-04 | The file path of a leaked AccessKey pair can be displayed in the Result section. The section is displayed in the message that appears after you click Details in the Operation column in the AccessKey pair details panel. This helps you handle leaked AccessKey pairs. | Advanced, Enterprise, and Ultimate |
2021-02-04 | The usage of the quota for container image scans is displayed on the Image Security page. | Advanced, Enterprise, and Ultimate |
2021-02-04 | The Scan Time Range parameter is added to the Scan Settings panel. This parameter indicates the time range in which images have changed. After you specify this parameter, you can use Security Center to scan images that have changed in the specified time range. | Advanced, Enterprise, and Ultimate |
2021-02-04 | All statistical items can be selected when you specify the information that a security report contains. | Advanced, Enterprise, and Ultimate |
2021-02-04 | The platform on which the AccessKey pair leaks are detected is displayed on the AccessKey Leak Detection page. | All editions |
January 2021
Release date | Description | Involved edition |
---|---|---|
2021-01-28 | Urgent vulnerability detection is improved from the following aspects:
| All editions |
2021-01-26 | The configurations of baseline check items can be managed in the Scan Settings panel. The panel appears after you click Scan Settings in the upper-right corner of the Image Security page. | Enterprise and Ultimate |
2021-01-26 | Third-party image repositories can be scanned. | Enterprise and Ultimate |
2021-01-21 | Image system vulnerabilities can be fixed by using the feature of container image scan. This ensures the security of the image runtime environment. Note The feature of fixing image system vulnerabilities is available only in the China (Hong Kong) region. | Enterprise and Ultimate |
2021-01-21 | The Overview page is displayed as a tab. On the tab, sections are optimized to improve user experience. | All editions |
2021-01-14 | The feature of saving the vulnerabilities queried by specific filter conditions is removed from the vulnerability details page. The vulnerabilities include Linux software vulnerabilities, Windows system vulnerabilities, Web-CMS vulnerabilities, application vulnerabilities, and urgent vulnerabilities. | All editions |
2021-01-14 | The following operation is supported on the Asset Exposure Analysis page: view the information of gateways, exposed ports, and exposed components. | Enterprise and Ultimate |
2021-01-14 | The default Container Registry instances can be scanned by using the feature of container image scan. | Enterprise and Ultimate |
2021-01-12 | Baseline checks for images are supported by the feature of container image scan. | Enterprise and Ultimate |
2021-01-12 | The overview of risks is added to the Image Security page. | Enterprise and Ultimate |
2021-01-07 | A weak password dictionary can be customized in baseline check policies. This reinforces account security. | Advanced, Enterprise, and Ultimate |
2020
December 2020
Release date | Description | Involved edition |
---|---|---|
2020-12-30 | The tasks that are in the Waiting state can be canceled on the Playbook page. | Enterprise and Ultimate |
2020-12-24 | The Ultimate edition of Security Center is launched. The edition provides a centralized security management platform for servers and containers. The edition also provides an all-in-one threat solution that has multiple features, including threat detection during container runtime, container network visualization, container image scan, vulnerability fixing, and baseline check. | Ultimate |
2020-12-24 | The list of assets that are exposed on the Internet can be exported on the Asset Exposure Analysis page. | Enterprise |
2020-12-24 | The Dynamic adaptive threat detection capability feature is added to the General tab of the Settings page. | All editions |
2020-12-17 | The search boxes on the Vulnerabilities page are optimized. You can view the commonly used filter conditions on this page. | All editions |
2020-12-17 | The causes for alerts and the suggestions on handling the alerts are provided on the Alerts page. This allows you to view the causes and handle the alerts at the earliest opportunity. | All editions |
2020-12-17 | The feature of limiting the access speed and network bandwidth is supported by the feature of container image scan when you add third-party image repositories to Security Center. This ensures that your business is not affected. | Enterprise |
2020-12-17 | The rule that is used to calculate security scores is optimized. For users who do not have Elastic Compute Service (ECS) instances, the deduction item indicating that urgent vulnerabilities are detected for the first time is removed. | All paid editions |
2020-12-17 | The entry point to security group check is moved under Application market in the left-side navigation pane. | All editions |
2020-12-17 | The feature of asset exposure analysis is supported. This feature allows you to manage the assets that are exposed on the Internet in a centralized manner and collect statistics on the risks of these assets. | Enterprise |
2020-12-17 | The Exposure column is added to the servers list on the Server(s) tab of the Assets page. You can check whether your servers are exposed on the Internet in the column. | Enterprise |
2020-12-17 | An entry point to join the technical support group in DingTalk is added to the lower-left corner of the Security Center console. | All paid editions |
2020-12-17 | The feature of handling an alert with a few clicks or multiple alerts by alert name at a time is supported by antivirus. | All paid editions |
2020-12-17 | The servers that you want to scan can be selected from one or more asset groups after you click Scan on the Virus Defense page. | All paid editions |
2020-12-17 | Auto-renewal by month is added to the Overview page. | All paid editions |
November 2020
Release date | Description | Involved edition |
---|---|---|
2020-11-26 | The search boxes on the Vulnerabilities and Alerts pages are optimized. | All editions |
2020-11-26 | The feature of filtering affected assets by asset group is added to the panel that displays the details of an urgent vulnerability. | All editions |
2020-11-26 | Active defense experience optimization is added to the Proactive Defense section of the Settings page. This improves asset security and user experience. | All editions |
2020-11-26 | The deduction item that indicates threat detection configurations for Kubernetes containers is added. | Enterprise |
2020-11-19 | The asset fingerprints feature can be used to collect the latest fingerprints of all assets with a few clicks. | Enterprise |
2020-11-12 | The deduction item that indicates configurations for periodic virus detection is added. | All paid editions |
2020-11-09 | Security Center is available for Alibaba Cloud 2020 Double 11 Big Sale. Various coupons and discounts are offered. | All editions |
October 2020
Release date | Description | Involved edition |
---|---|---|
2020-10-26 | The Value-added Plan edition is launched. The edition allows the users of Security Center Basic to separately purchase value-added based on the business requirements. | Value-added Plan |
2020-10-22 | The entry point to the anti-ransomware feature is moved to the left-side navigation pane. You can click Anti-ransomware under Defense in the left-side navigation pane to go to the General Anti-ransomware Solutions page. | Anti-virus, Advanced, and Enterprise |
2020-10-22 | The display of container-related assets on the Alerts page is optimized. The Affected Assets column displays pods, applications, clusters, and servers. | Enterprise |
2020-10-22 | The repeated Name column is deleted from the Middleware tab of the Asset Fingerprints page. | Enterprise |
2020-10-22 | When the vulnerability fixing progress reaches 99%, the message "The patch may take a long time to fix the vulnerability." is displayed. This optimization improves user experience. | Advanced and Enterprise |
2020-10-22 | The descriptions that you entered for ignored vulnerabilities can be viewed. This helps you manage the ignored vulnerabilities. | Advanced and Enterprise |
2020-10-22 | The First/latest scan time column is added to the Mirror Malicious Sample tab on the Image Security page. This column provides more details about image vulnerabilities. | Enterprise |
2020-10-22 | Third-party image repositories can be scanned. After you add a third-party image repository to Security Center, the system detects vulnerabilities and malicious samples on the third-party image repository. This ensures the security of the runtime environment for third-party image repositories. | Enterprise |
2020-10-22 | Images in your containers and third-party image repositories can be scanned by using the feature of container image scan. | Enterprise |
2020-10-15 | Your applications, at-risk applications, clusters, and namespaces are displayed on the Container tab of the Assets page. | All editions |
2020-10-15 | The vulnerability fixing feature is updated to check system configurations for specific Linux and Windows vulnerabilities before you can fix the vulnerabilities. For example, if the Windows Update service is running, a vulnerability fails to be fixed. In this case, the Fix button is dimmed. The cause of the failure and solution are provided when you move the pointer over the Fix button. | Advanced and Enterprise |
2020-10-15 | The scanning mode of Software Component Analysis is provided. You can select this mode only when Security Center periodically scans for application vulnerabilities. | Enterprise |
September 2020
Release date | Description | Involved edition |
---|---|---|
2020-09-25 | A link for configuring security message recipients is added to the Notifications tab of the Settings page. You can click the link to go to the Common Settings page to modify the information about message recipients. | All editions |
2020-09-25 | On the Agent tab of the Settings page, Key Validity Period is added to the Windows OS card of the Client Installation Guide tab. If you want to install the Security Center agent on a server that is not deployed on Alibaba Cloud, you can configure Key Validity Period. | All editions |
2020-09-25 | The entry point to the Release notes topic of Security Center is added to the Overview tab of the Security Center console. You can click New Features to view the release notes and to learn how to use the new features. | All editions |
2020-09-25 | The Emergency vul(s) Scan Cycle parameter can be selected in the Settings panel of the Vulnerabilities page in the Advanced and Enterprise editions. | Advanced and Enterprise |
2020-09-25 | The feature of fixing multiple vulnerabilities on a server that runs Windows Server 2008 at a time is disabled, and a description is provided when you move the pointer over the Fix button. If you fix multiple vulnerabilities on a server that runs Windows Server 2008, the server cannot be started. | Advanced and Enterprise |
2020-09-25 | The entry point that you can click to check logs of the related alert is added to the Details tab of the Unusual Logon-Login with unusual location panel. On the Details tab, you can click Log Analysis to view the logs of the alert. | All paid editions |
2020-09-22 | Scan cycle configuration is supported in the Defense Configuration panel of the Virus Defense page. After you configure a scan cycle for a specific server, Security Center automatically scans the server based on the scan cycle and determines whether viruses exist on the server. | All editions |
2020-09-22 | The feature of configuring a scan cycle for image vulnerabilities is supported. After you configure a scan cycle for an image vulnerability, Security Center automatically detects vulnerabilities based on the scan cycle. | Enterprise |
2020-09-22 | The feature of configuring a scan cycle for urgent vulnerabilities is supported. You can configure the scan cycle in the Settings panel of the Vulnerabilities page. After you configure a scan cycle for an urgent vulnerability, Security Center automatically detects vulnerabilities based on the scan cycle. | Advanced and Enterprise |
2020-09-22 | Behavior prevention can be turned on in the Proactive Defense section on the Settings page. This helps you protect the servers that require protection against malicious network behavior. | All paid editions |
2020-09-16 | The antivirus feature on the Settings page is updated to Proactive Defense. You can turn on or turn off Anti-Virus, Anti-ransomware (Bait Capture), or Webshell Protection to protect your servers against viruses and malicious network behavior. | All paid editions |
2020-09-16 | If you want to fix multiple Linux software vulnerabilities at a time on the Vulnerabilities tab of your asset, the vulnerabilities for which you must manually upgrade the system cannot be selected. If you want to fix multiple vulnerabilities at a time on the Vulnerabilities page, Security Center automatically ignores the vulnerabilities for which you must manually upgrade the system. This improves the efficiency of fixing vulnerabilities. | Advanced and Enterprise |
2020-09-03 | The feature of anti-ransomware data backup is supported in the China (Chengdu), US (Virginia), and India (Mumbai) regions. | All paid editions |
2020-09-03 | The anti-ransomware agent can be installed and uninstalled. Servers that use the same anti-ransomware policy can be deleted at a time. This allows you to manage the anti-ransomware agent for multiple servers at a time in a more efficient way. | All paid editions |
2020-09-03 | A maximum of 100 servers can be added to an anti-ransomware policy. This improves the efficiency of managing servers under an anti-ransomware policy. | All paid editions |
2020-09-03 | Urgent vulnerabilities of a specific type can be filtered based on version and network scan. | All editions |
2020-09-03 | The quick scan feature is supported for the users of Security Center Basic to detect urgent vulnerabilities. This improves the efficiency of urgent vulnerability detection. | Basic |
2020-09-03 | The feature of container threat detection is updated to K8s Threat Detection on the Settings page. Threat Detection is provided for you to enable or disable threat detection for Kubernetes clusters. | Enterprise |
2020-09-02 | Ubuntu 18.04, Ubuntu 20.04, and CentOS 8.2 operating systems are supported for the anti-ransomware agent. | All paid editions |
August 2020
Release date | Description | Involved edition |
---|---|---|
2020-08-27 | Check item not enabled and Checked items enabled are provided on the Cloud Platform Configuration Assessment page. This allows you to view check items. | Advanced and Enterprise |
2020-08-27 | SSL Status of SSL certificates is added to the Risky Websites (TOP5) section on the Website Security Report page. This allows you to improve the efficiency of managing all certificates in your assets. | Enterprise |
2020-08-27 | Required verification is added before you restart a server to fix vulnerabilities. If the server to be restarted is in the process of fixing or verifying vulnerabilities, you are not allowed to restart the server, and a prompt appears. This feature prevents failures of vulnerability fixing or verification because of server restarts. | Advanced and Enterprise |
2020-08-27 | The layout of pagination display on the Emergency tab of the Recommended Fix (CVE) panel is optimized. This improves the performance of managing vulnerabilities. | Advanced and Enterprise |
2020-08-27 | Database security alerting is added to the Security Score module. We recommend that you use Alibaba Cloud ApsaraDB RDS databases with strong security protection mechanisms. | All editions |
2020-08-27 | Regions outside China are supported for Login Location in the Settings panel on the Alerts page. You can set the logon location to an overseas region for your services. | All editions |
2020-08-26 | Statistical data and security information about all pods and containers are added to the Container tab on the Assets page. You can view the security risks of containers. | All editions |
2020-08-20 | Suggestions for upgrading the operating system are provided to fix Linux software vulnerabilities that require operating system upgrades. This improves the efficiency of fixing vulnerabilities. | Advanced and Enterprise |
2020-08-19 | The anti-ransomware agent is updated, and the issue of high CPU utilization or high memory usage when you use the agent to back up data is fixed. This improves the performance of the anti-ransomware feature. | All paid editions |
2020-08-13 | The feature of detecting image application vulnerabilities is supported. This feature allows you to detect vulnerabilities on the middleware related to an image and provides fix solutions. This improves the security of running images. | Enterprise |
2020-08-13 | Web application threat detection, malicious script detection, and DDoS attack detection are added to the Alerts page. | Advanced and Enterprise |
2020-08-13 | The feature of archiving historical alerts is supported. You can archive and download historical alerts on the Alerts page at any time. | All editions |
2020-08-06 | Multiple Linux software vulnerabilities and Web-CMS vulnerabilities can be fixed at a time. This makes vulnerability management more efficient. | Advanced and Enterprise |
2020-08-06 | The baseline check feature is supported for the Advanced edition. Users of Security Center Advanced can use the baseline check feature to check the security configurations of servers. | Advanced |
2020-08-06 | The Baseline column is added to the Server(s) tab on the Assets page. This allows you to view the number of baseline risks on your servers. | Advanced and Enterprise |
2020-08-06 | The way for sending an alert after the feature of web tamper proofing is triggered can be specified. If a web page under protection is tampered with, Security Center automatically sends you an alert based on the way you specify. | All paid editions |
2020-08-06 | A prompt with the description about the scanning mode that you want to select is displayed when you change Scanning Modes in the Settings panel of the Vulnerabilities page. This provides you with instructions when you select a scanning mode. | All paid editions |
2020-08-06 | The recommended value of Start Time is changed from 00:00:00 to 05:00:00 to 00:00:00 to 03:00:00. This reduces the impact of data backup on your business. The parameter is used to create an anti-ransomware policy. | All paid editions |
2020-08-06 | The number of vulnerabilities that require fixing is added to the Application and Emergency tabs in the Recommended Fix (CVE) panel of the Vulnerabilities page. | Advanced and Enterprise |
July 2020
Release date | Description | Involved edition |
---|---|---|
2020-07-30 | The Application and Emergency tabs are added to the Recommended Fix (CVE) panel. You can view and fix high-risk vulnerabilities in a timely manner. | Advanced and Enterprise |
2020-07-30 | Windows software vulnerabilities are prioritized based on the Microsoft official website. This allows you to view vulnerability priorities and fix vulnerabilities in a more convenient way. | All editions |
2020-07-30 | The security score can be affected by web tamper proofing. We recommend that you enable web tamper proofing for your website servers to prevent malicious modification, trojans, cyber kill chains, and insertion of illicit contents. | All paid editions |
2020-07-29 | The security check feature is added to help you check the security status of your websites on the Assets page and provides security reports. This feature allows you to view the risks on your websites, provides solutions, prevents attacks, malicious modification, or cyber kill chains, and ensures the stability of your websites. | Enterprise |
2020-07-23 | The vulnerability priority score can be affected by the asset importance score. The importance score of an important asset is set to 1.5, which indicates that a vulnerability detected on an important asset has a high priority. | All editions |
2020-07-23 | Successful Interception can be selected on the Alerts page after you select Handled. This allows you to view the common viruses that are automatically quarantined by Security Center. | All editions |
2020-07-23 | When you create a task that automatically fixes vulnerabilities, a maximum of 200 vulnerabilities on the Playbook page can be selected. | Enterprise |
2020-07-16 | The Security group check page is added. You can view weak security group rules and solutions on risk mitigation. | All editions |
2020-07-16 | The feature that runs quick scan tasks to detect container image vulnerabilities and malicious image samples is supported. This reduces risks when you use containers. Note To use this feature, you must purchase a Container Registry instance of the Enterprise edition. | Enterprise |
2020-07-16 | Real risk model or Full rule scan mode can be selected as the scanning mode in the Settings panel of the Vulnerabilities page. | All editions |
2020-07-16 | Vulnerabilities can be filtered based on virtual private clouds (VPCs) on the Vulnerabilities page. This allows you to manage vulnerabilities on different VPCs in a more convenient way. | All editions |
2020-07-09 | The threat detection model on the Assets page can be viewed when you handle an alert. The threat detection model provides comprehensive threat detection based on the intrusion process. This reinforces your asset security. | All editions |
2020-07-09 | Alerts can be tagged with attack phases on the Assets page, such as attacks against entries and lateral movement attacks. This allows you to identify the phase of an attack that targets your assets. | All editions |
2020-07-09 | The feature of adding an alert event to the whitelist based on the field of alert details is supported. For example, if you handle an unusual logon alert, you can add the current logon region to the whitelist. Logons from the region added to the whitelist are allowed. This allows you to use the whitelist feature in a more convenient way. | All paid editions |
June 2020
Release date | Description | Involved edition |
---|---|---|
2020-06-23 | YUM/APT Source Configuration can be selected in the Settings panel of the Vulnerabilities page. This improves the success rate of vulnerability fixing. | Advanced and Enterprise |
2020-06-11 | Backup files can be deleted when you use the anti-ransomware feature. This way, you can manage backup files more flexibly and make full use of the purchased anti-ransomware capacity. | All paid editions |
2020-06-11 | Assets can be tagged. On the Assets page, you can tag an asset as an important asset, common asset, or test asset. This allows you to manage assets in a more efficient way. | All editions |
2020-06-09 | The Anti-virus edition is launched to meet the urgent requirements of small- and medium-sized enterprises against virus intrusion. Security Center of this edition generates alerts upon detected viruses. In addition, it allows you to scan for viruses and remove persistent viruses with a few clicks. | |
2020-06-04 | The asset fingerprints feature is supported to collect information about the middleware of your servers. This allows you to know more about your assets. | Enterprise |
2020-06-04 | The parameters of anti-ransomware policies are updated. The recommended policy enables Security Center to back up data during off-peak hours. Data backup starts on 00:00:00 every day. This reduces negative effects or interruptions on your business when the system is backing up data. | All paid editions |
May 2020
Release date | Description | Involved edition |
---|---|---|
2020-05-15 | The security score can be affected by anti-ransomware. We recommend that you enable the anti-ransomware feature for your core servers to improve the security score of your assets. | All paid editions |
April 2020
Release date | Description | Involved edition |
---|---|---|
2020-04-30 | The antivirus feature is supported. It provides scans, alerts, deep cleanup, and data backup against persistent viruses such as mining programs. The antivirus feature provides layer-by-layer protection for your assets. | All paid editions |
2020-04-23 | Weak password rules can be customized as required. | All paid editions |
2020-04-23 | The client protection feature is supported. This feature automatically blocks activities that attempt to uninstall the Security Center agent. This ensures the stability of Security Center. | All paid editions |
2020-04-17 | Multiple Alibaba Cloud accounts and resource accounts in an enterprise can be managed in a centralized way. This allows you to monitor the security status of all accounts in the enterprise. | Enterprise |
2020-04-03 | Urgent vulnerability fixing is supported, and a unified page is provided for you to view and fix all urgent vulnerabilities. | All paid editions |
2020-04-02 | The basic protection mode, high-security prevention mode, and safeguard mode for major activities are supported by the Security Center agent. These modes allow the Security Center agent to protect your assets under different scenarios. | All editions |
March 2020
Release date | Description | Involved edition |
---|---|---|
2020-03-19 | The container signature feature is supported to ensure that unauthorized container images cannot be applied. This feature improves asset security. | Enterprise |
2020-03-12 | The feature of container image vulnerability scan is in public preview. Security Center has detected more than 120,000 vulnerabilities and provides urgent vulnerability detection and solutions to make vulnerability fixing easier. | Enterprise |
2020-03-06 | The entry point to the Settings page is moved to the left-side navigation pane. After you log on to the Security Center console, you can click Settings in the left-side navigation pane to go to the Settings page. | All editions |
February 2020
Release date | Description | Involved edition |
---|---|---|
2020-02-28 | The security status of containers can be viewed on the Assets page. This allows you to analyze the security risks and ensures the security of the cloud environment. | All editions |
2020-02-11 | Check items can be added to a whitelist of the baseline check feature. | Enterprise |
2020-02-10 | Linux server processes can be added to a whitelist of the web tamper proofing feature. | All paid editions |
January 2020
Release date | Description | Involved edition |
---|---|---|
2020-01-16 | Virus Detection is renamed Virus Blocking. If you purchased Security Center after January 16, 2020, this feature is enabled by default. | All paid editions |
2020-01-13 | Snapshots are automatically created to fix Linux software or Windows vulnerabilities. You can roll back the system to a snapshot. This allows you to fix vulnerabilities in a safe way. | All paid editions |
2020-01-08 | The playbook feature is supported. This feature allows you to create tasks to automatically fix multiple vulnerabilities at a time. This way, you can reinforce the system security in a more efficient way. | Enterprise |
2020-01-02 | IP address blocking policies can be configured to defend against brute-force attacks. You can customize IP address blocking policies based on your requirements. | All editions |
2019
Release date | Description | Involved edition |
---|---|---|
2019-12-10 | Security threat detection on running containers is supported. | Enterprise |
2019-10-17 | The feature of protection against brute-force attacks is supported. You can enable this feature in the Settings panel of the Alerts page. | All editions |
2019-10-17 | The fix and undo feature is provided for Linux CentOS 6 baseline risks. This feature allows you to fix one or more baseline risks at a time. For Linux CentOS 6 systems, the baseline check feature can detect baseline risks, generate alerts, fix baseline risks, and undo fixes. | Enterprise |
2019-08-02 | The AK and Password Leak Detection page is replaced by the AccessKey Leak Detection page. | Enterprise |
2019-08-01 | The Asset Management page is replaced by the Assets page. The Assets page provides visualized data of your assets and asset fingerprints to help you analyze the impact of potential risks. The Asset Fingerprints module allows you to manually collect asset fingerprints. | All editions |
2019-07-31 | The feature of container threat detection is supported. | Enterprise |
2019-07-26 | On the Settings page, notifications can be configured for the following two items: AccessKey pair leak information and cloud security configuration checks. | All editions |
2019-07-16 | The switch of daily security reports is removed from the Settings page. | All paid editions |
2019-06-20 | The results of configuration assessment can be exported. | All editions |
2019-06-20 | The Emergency tab on the Vulnerabilities page is optimized. You can view the progress of urgent vulnerability fixing. | All editions |
2019-06-19 | The feature of cloud platform best practices is renamed Cloud Platform Configuration Assessment. | All editions |
2019-06-19 | You can create security reports and specify the report content, data type, and destination email address. This feature helps you obtain the security status data of your assets. | All paid editions |
2019-06-16 | The Settings page is updated. The logon IP address whitelist is removed from the Settings page. | All editions |
2019-06-05 | The detection of application vulnerabilities is supported. | Enterprise |
2019-05-21 | Eighteen check items are added to the cloud platform best practices feature. These check items cover database whitelist configurations, Object Storage Service (OSS) log records, cross-region replication, Server Load Balancer (SLB) whitelist configurations, automatic image configurations of ECS instances, and ECS storage encryption. | All editions |
2019-05-21 | The feature of web tamper proofing is updated. You can view the overview of your website status. The whitelist and blacklist features are supported. | All paid editions |
2019-03-30 | Processes can be displayed based on detected vulnerabilities. | All paid editions |
2019-03-21 | Threat Detection Service is updated to Security Center. The Advanced edition is supported. Security Center has the Basic, Advanced, and Enterprise editions. | All editions |
2019-03-21 | The log retrieval feature is removed. | All paid editions |
2018
Release date | Description | Involved edition |
---|---|---|
2018-12-28 | The attack analysis, access analysis, and threat analysis features are removed. | Enterprise |
2018-12-20 | In the Basic edition, threat detection is supported only for events of the Unusual Logon and Others-DDoS types. The Enterprise edition is not affected. | Basic |
2018-12-15 | Attack analysis and tracing are supported. | Enterprise |
2018-12-10 | Automatic alert correlation analysis is supported. | Enterprise |