This topic describes the release notes for Security Center and provides links to the relevant references.

December 2020

Release date Description Involved edition
2020-12-30 The tasks that are in the Waiting state can be canceled on the Playbook page. Enterprise and Ultimate
2020-12-24 The Ultimate edition of Security Center is launched. The edition provides a centralized security management platform for servers and containers. The edition also provides an all-in-one threat solution that has multiple features, including threat detection during container runtime, container network visualization, container image scan, vulnerability fixing, and baseline check. Ultimate
2020-12-24 The list of assets that are exposed on the Internet can be exported on the Asset Exposure Analysis page. Enterprise
2020-12-24 The Dynamic adaptive threat detection capability feature is added to the General tab of the Settings page. All editions
2020-12-17 The search boxes on the Vulnerabilities page are optimized. You can view the commonly used filter conditions on this page. All editions
2020-12-17 The causes for alerts and the suggestions on handling the alerts are provided on the Alerts page. This allows you to view the causes and handle the alerts at the earliest opportunity. All editions
2020-12-17 The feature of limiting the access speed and network bandwidth is supported by container image scan when you add third-party image repositories to Security Center. This ensures that your business is not affected. Enterprise
2020-12-17 The rule that is used to calculate security scores is optimized. For users who do not have Elastic Compute Service (ECS) instances, the deduction item indicating that urgent vulnerabilities are detected for the first time is removed. All paid editions
2020-12-17 The entry point to security group check is moved under Application market in the left-side navigation pane. All editions
2020-12-17 The feature of asset exposure analysis is supported. This feature allows you to manage the assets that are exposed on the Internet in a centralized manner and collect statistics on the risks of these assets. Enterprise
2020-12-17 The Exposure column is added to the servers list on the Server(s) tab of the Assets page. You can check whether your servers are exposed on the Internet in the column. Enterprise
2020-12-17 An entry point to join the technical group in DingTalk is added to the lower-left corner of the Security Center console. All paid editions
2020-12-17 The feature of handling an alert with a few clicks or multiple alerts by alert name at a time is supported by antivirus. All paid editions
2020-12-17 The servers that you want to scan can be selected from one or more asset groups after you click Scan on the Virus Defense page. All paid editions
2020-12-17 Auto-renewal by month is added to the Overview page. All paid editions

November 2020

Release date Description Involved edition
2020-11-26 The search boxes on the Vulnerabilities and Alerts pages are optimized. All editions
2020-11-26 The feature of filtering affected assets by asset group is added to the panel that displays the details of an urgent vulnerability. All editions
2020-11-26 Active defense experience optimization is added to the Proactive Defense section of the Settings page. This improves asset security and user experience. All editions
2020-11-26 The deduction item that indicates threat detection configurations for Kubernetes containers is added. Enterprise
2020-11-19 The asset fingerprints feature can be used to collect the latest fingerprints of all assets with a few clicks. Enterprise
2020-11-12 The deduction item that indicates configurations for periodic virus detection is added. All paid editions
2020-11-09 Security Center is available for Alibaba Cloud 2020 Double 11 Big Sale. Various coupons and discounts are offered. All editions

October 2020

Release date Description Involved edition
2020-10-26 The Value-added Plan edition is launched. The edition allows the users of Security Center Basic to separately purchase value-added based on the business requirements. Value-added Plan
2020-10-22 The entry point to the anti-ransomware feature is moved to the left-side navigation pane. You can click Anti-ransomware under Defense in the left-side navigation pane to go to the General Anti-ransomware Solutions page. Anti-virus, Advanced, and Enterprise
2020-10-22 The display of container-related assets on the Alerts page is optimized. The Affected Assets column displays pods, applications, clusters, and servers. Enterprise
2020-10-22 The repeated Name column is deleted from the Middleware tab of the Asset Fingerprints page. Enterprise
2020-10-22 When the vulnerability fixing progress reaches 99%, the message "The patch may take a long time to fix the vulnerability." is displayed. This optimization improves user experience. Advanced and Enterprise
2020-10-22 The descriptions that you entered for ignored vulnerabilities can be viewed. This helps you manage the ignored vulnerabilities. Advanced and Enterprise
2020-10-22 The First/latest scan time column is added to the Mirror Malicious Sample tab on the Image Security page. This column provides more details about image vulnerabilities. Enterprise
2020-10-22 Third-party image repositories can be scanned. After you add a third-party image repository to Security Center, the system detects vulnerabilities and malicious samples on the third-party image repository. This ensures the security of the runtime environment for third-party image repositories. Enterprise
2020-10-22 Images in your containers and third-party image repositories can be scanned by using the feature of container image scan. Enterprise
2020-10-15 Your applications, at-risk applications, clusters, and namespaces are displayed on the Container tab of the Assets page. All editions
2020-10-15 The vulnerability fixing feature is updated to check system configurations for specific Linux and Windows vulnerabilities before you can fix the vulnerabilities. For example, if the Windows Update service is running, a vulnerability fails to be fixed. In this case, the Fix button is dimmed. The cause of the failure and solution are provided when you move the pointer over the Fix button. Advanced and Enterprise
2020-10-15 The scanning mode of Software Component Analysis is provided. You can select this mode only when Security Center periodically scans for application vulnerabilities. Enterprise

September 2020

Release date Description Involved edition
2020-09-25 A link for configuring security message recipients is added to the Notifications tab of the Settings page. You can click the link to go to the Common Settings page to modify the information about message recipients. All editions
2020-09-25 On the Agent tab of the Settings page, Key Validity Period is added to the Windows OS card of the Client Installation Guide tab. If you want to install the Security Center agent on a server that is not deployed on Alibaba Cloud, you can configure Key Validity Period. All editions
2020-09-25 The entry point to the Release notes topic of Security Center is added to the Overview tab of the Security Center console. You can click New Features to view the release notes and to learn how to use the new features. All editions
2020-09-25 The Emergency vul(s) Scan Cycle parameter can be selected in the Settings panel of the Vulnerabilities page in the Advanced and Enterprise editions. Advanced and Enterprise
2020-09-25 The feature of fixing multiple vulnerabilities on a server that runs Windows Server 2008 at a time is disabled, and a description is provided when you move the pointer over the Fix button. If you fix multiple vulnerabilities on a server that runs Windows Server 2008, the server cannot be started. Advanced and Enterprise
2020-09-25 The entry point that you can click to check logs of the related alert is added to the Details tab of the Unusual Logon-Login with unusual location panel. On the Details tab, you can click Log Analysis to view the logs of the alert. All paid editions
2020-09-22 Scan cycle configuration is supported in the Defense Configuration panel of the Virus Defense page. After you configure a scan cycle for a specific server, Security Center automatically scans the server based on the scan cycle and determines whether viruses exist on the server. All editions
2020-09-22 The feature of configuring a scan cycle for image vulnerabilities is supported. After you configure a scan cycle for an image vulnerability, Security Center automatically detects vulnerabilities based on the scan cycle. Enterprise
2020-09-22 The feature of configuring a scan cycle for urgent vulnerabilities is supported. You can configure the scan cycle in the Settings panel of the Vulnerabilities page. After you configure a scan cycle for an urgent vulnerability, Security Center automatically detects vulnerabilities based on the scan cycle. Advanced and Enterprise
2020-09-22 Behavior prevention can be turned on in the Proactive Defense section on the Settings page. This helps you protect the servers that require protection against malicious network behavior. All paid editions
2020-09-16 The antivirus feature on the Settings page is updated to Proactive Defense. You can turn on or turn off Anti-Virus, Anti-ransomware (Bait Capture), or Webshell Protection to protect your servers against viruses and malicious network behavior. All paid editions
2020-09-16 If you want to fix multiple Linux software vulnerabilities at a time on the Vulnerabilities tab of your asset, the vulnerabilities for which you must manually upgrade the system cannot be selected. If you want to fix multiple vulnerabilities at a time on the Vulnerabilities page, Security Center automatically ignores the vulnerabilities for which you must manually upgrade the system. This improves the efficiency of fixing vulnerabilities. Advanced and Enterprise
2020-09-03 The feature of anti-ransomware data backup is supported in the China (Chengdu), US (Virginia), and India (Mumbai) regions. All paid editions
2020-09-03 The anti-ransomware agent can be installed and uninstalled. Servers that use the same anti-ransomware policy can be deleted at a time. This allows you to manage the anti-ransomware agent for multiple servers at a time in a more efficient way. All paid editions
2020-09-03 A maximum of 100 servers can be added to an anti-ransomware policy. This improves the efficiency of managing servers under an anti-ransomware policy. All paid editions
2020-09-03 Urgent vulnerabilities of a specific type can be filtered based on version and network scan. All editions
2020-09-03 The quick scan feature is supported for the users of Security Center Basic to detect urgent vulnerabilities. This improves the efficiency of urgent vulnerability detection. Basic
2020-09-03 The feature of container threat detection is updated to K8s Threat Detection on the Settings page. Threat Detection is provided for you to enable or disable threat detection for Kubernetes clusters. Enterprise
2020-09-02 Ubuntu 18.04, Ubuntu 20.04, and CentOS 8.2 operating systems are supported for the anti-ransomware agent. All paid editions

August 2020

Release date Description Involved edition
2020-08-27 Check item not enabled and Checked items enabled are provided on the Cloud Platform Configuration Assessment page. This allows you to view check items. Advanced and Enterprise
2020-08-27 SSL Status of SSL certificates is added to the Risky Websites (TOP5) section on the Website Security Report page. This allows you to improve the efficiency of managing all certificates in your assets. Enterprise
2020-08-27 Required verification is added before you restart a server to fix vulnerabilities. If the server to be restarted is in the process of fixing or verifying vulnerabilities, you are not allowed to restart the server, and a prompt appears. This feature prevents failures of vulnerability fixing or verification because of server restarts. Advanced and Enterprise
2020-08-27 The layout of pagination display on the Emergency tab of the Recommended Fix (CVE) panel is optimized. This improves the performance of managing vulnerabilities. Advanced and Enterprise
2020-08-27 Database security alerting is added to the Security Score module. We recommend that you use Alibaba Cloud ApsaraDB RDS databases with strong security protection mechanisms. All editions
2020-08-27 Regions outside China are supported for Login Location in the Settings panel on the Alerts page. You can set the logon location to an overseas region for your services. All editions
2020-08-26 Statistical data and security information about all pods and containers are added to the Container tab on the Assets page. You can view the security risks of containers. All editions
2020-08-20 Suggestions for upgrading the operating system are provided to fix Linux software vulnerabilities that require operating system upgrades. This improves the efficiency of fixing vulnerabilities. Advanced and Enterprise
2020-08-19 The anti-ransomware agent is updated, and the issue of high CPU utilization or high memory usage when you use the agent to back up data is fixed. This improves the performance of the anti-ransomware feature. All paid editions
2020-08-13 The feature of detecting image application vulnerabilities is supported. This feature allows you to detect vulnerabilities on the middleware related to an image and provides fix solutions. This improves the security of running images. Enterprise
2020-08-13 Web application threat detection, malicious script detection, and DDoS attack detection are added to the Alerts page. Advanced and Enterprise
2020-08-13 The feature of archiving historical alerts is supported. You can archive and download historical alerts on the Alerts page at any time. All editions
2020-08-06 Multiple Linux software vulnerabilities and Web-CMS vulnerabilities can be fixed at a time. This makes vulnerability management more efficient. Advanced and Enterprise
2020-08-06 The baseline check feature is supported for the Advanced edition. Users of Security Center Advanced can use the baseline check feature to check the security configurations of servers. Advanced
2020-08-06 The Baseline column is added to the Server(s) tab on the Assets page. This allows you to view the number of baseline risks on your servers. Advanced and Enterprise
2020-08-06 The way for sending an alert after the feature of web tamper proofing is triggered can be specified. If a web page under protection is tampered with, Security Center automatically sends you an alert based on the way you specify. All paid editions
2020-08-06 A prompt with the description about the scanning mode that you want to select is displayed when you change Scanning Modes in the Settings panel of the Vulnerabilities page. This provides you with instructions when you select a scanning mode. All paid editions
2020-08-06 The recommended value of Start Time is changed from 00:00:00 to 05:00:00 to 00:00:00 to 03:00:00. This reduces the impact of data backup on your business. The parameter is used to create an anti-ransomware policy. All paid editions
2020-08-06 The number of vulnerabilities that require fixing is added to the Application and Emergency tabs in the Recommended Fix (CVE) panel of the Vulnerabilities page. Advanced and Enterprise

July 2020

Release date Description Involved edition
2020-07-30 The Application and Emergency tabs are added to the Recommended Fix (CVE) panel. You can view and fix high-risk vulnerabilities in a timely manner. Advanced and Enterprise
2020-07-30 Windows software vulnerabilities are prioritized based on the Microsoft official website. This allows you to view vulnerability priorities and fix vulnerabilities in a more convenient way. All editions
2020-07-30 The security score can be affected by web tamper proofing. We recommend that you enable web tamper proofing for your website servers to prevent malicious modification, trojans, cyber kill chains, or insertion of illicit contents. All paid editions
2020-07-29 The security check feature is added to help you check the security status of your websites on the Assets page and provides security reports. This feature allows you to view the risks on your websites, provides solutions, prevents attacks, malicious modification, or cyber kill chains, and ensures the stability of your websites. Enterprise
2020-07-23 The vulnerability priority score can be affected by the asset importance score. The importance score of an important asset is set to 1.5, which indicates that a vulnerability detected on an important asset has a high priority. All editions
2020-07-23 Successful Interception can be selected on the Alerts page after you select Handled. This allows you to view the common viruses that are automatically quarantined by Security Center. All editions
2020-07-23 When you create a task that automatically fixes vulnerabilities, a maximum of 200 vulnerabilities on the Playbook page can be selected. Enterprise
2020-07-16 The Security group check page is added. You can view weak security group rules and solutions on risk mitigation. All editions
2020-07-16 The feature that runs quick scan tasks to detect container image vulnerabilities and malicious image samples is supported. This reduces risks when you use containers.
Note To use this feature, you must purchase a Container Registry instance of the Enterprise edition.
Enterprise
2020-07-16 Real risk model or Full rule scan mode can be selected as the scanning mode in the Settings panel of the Vulnerabilities page. All editions
2020-07-16 Vulnerabilities can be filtered based on virtual private clouds (VPCs) on the Vulnerabilities page. This allows you to manage vulnerabilities on different VPCs in a more convenient way. All editions
2020-07-09 The threat detection model on the Assets page can be viewed when you handle an alert. The threat detection model provides comprehensive threat detection based on the intrusion process. This reinforces your asset security. All editions
2020-07-09 Alerts can be tagged with attack phases on the Assets page, such as attacks against entries and lateral movement attacks. This allows you to identify the phase of an attack that targets your assets. All editions
2020-07-09 The feature of adding an alert event to the whitelist based on the field of alert details is supported. For example, if you handle an unusual logon alert, you can add the current logon region to the whitelist. Logons from the region added to the whitelist are allowed. This allows you to use the whitelist feature in a more convenient way. All paid editions

June 2020

Release date Description Involved edition
2020-06-23 YUM/APT Source Configuration can be selected in the Settings panel of the Vulnerabilities page. This improves the success rate of vulnerability fixing. Advanced and Enterprise
2020-06-11 Backup files can be deleted when you use the anti-ransomware feature. This way, you can manage backup files more flexibly and make full use of the purchased anti-ransomware capacity. All paid editions
2020-06-11 Assets can be tagged. On the Assets page, you can tag an asset as an important asset, common asset, or test asset. This allows you to manage assets in a more efficient way. All editions
2020-06-09 The Anti-virus edition is launched to meet the urgent requirements of small- and medium-sized enterprises against virus intrusion. Security Center of this edition generates alerts upon detected viruses. In addition, it allows you to scan for viruses and remove persistent viruses with a few clicks. Anti-virus
2020-06-04 The asset fingerprints feature is supported to collect information about the middleware of your servers. This allows you to know more about your assets. Enterprise
2020-06-04 The parameters of anti-ransomware policies are updated. The recommended policy enables Security Center to back up data during off-peak hours. Data backup starts on 00:00:00 every day. This reduces negative effects or interruptions on your business when the system is backing up data. All paid editions

May 2020

Release date Description Involved edition
2020-05-15 The security score can be affected by anti-ransomware. We recommend that you enable the anti-ransomware feature for your core servers to improve the security score of your assets. All paid editions

April 2020

Release date Description Involved edition
2020-04-30 The antivirus feature is supported. It provides scans, alerts, deep cleanup, and data backup against persistent viruses such as mining programs. The antivirus feature provides layer-by-layer protection for your assets. All paid editions
2020-04-23 Weak password rules can be customized as required. All paid editions
2020-04-23 The client protection feature is supported. This feature automatically blocks activities that attempt to uninstall the Security Center agent. This ensures the stability of Security Center. All paid editions
2020-04-17 Multiple Alibaba Cloud accounts and resource accounts in an enterprise can be managed. This allows you to monitor the security status of all accounts in the enterprise. Enterprise
2020-04-03 Urgent vulnerability fixing is supported, and a unified page is provided for you to view and fix all urgent vulnerabilities. All paid editions
2020-04-02 The basic protection mode, high-security prevention mode, and safeguard mode for major activities are supported by the Security Center agent. These modes allow the Security Center agent to protect your assets under different scenarios. All editions

March 2020

Release date Description Involved edition
2020-03-19 The container signature feature is supported to ensure that unauthorized container images cannot be applied. This feature improves asset security. Enterprise
2020-03-12 The feature of container image vulnerability scan is in public preview. Security Center has detected more than 120,000 vulnerabilities and provides urgent vulnerability detection and solutions to make vulnerability fixing easier. Enterprise
2020-03-06 The entry point to the Settings page is moved to the left-side navigation pane. After you log on to the Security Center console, you can click Settings in the left-side navigation pane to go to the Settings page. All editions

February 2020

Release date Description Involved edition
2020-02-28 The security status of containers can be viewed on the Assets page. This allows you to analyze the security risks and ensures the security of the cloud environment. All editions
2020-02-11 Check items can be added to a whitelist of the baseline check feature. Enterprise
2020-02-10 Linux server processes can be added to a whitelist of the web tamper proofing feature. All paid editions

January 2020

Release date Description Involved edition
2020-01-16 Virus Detection is renamed Virus Blocking. If you purchased Security Center after January 16, 2020, this feature is enabled by default. All paid editions
2020-01-13 Snapshots are automatically created to fix Linux software or Windows vulnerabilities. You can roll back the system to a snapshot. This allows you to fix vulnerabilities in a safe way. All paid editions
2020-01-08 The playbook feature is supported. This feature allows you to create tasks to automatically fix multiple vulnerabilities at a time. This way, you can reinforce the system security in a more efficient way. Enterprise
2020-01-02 IP address blocking policies can be configured to defend against brute-force attacks. You can customize IP address blocking policies based on your requirements. All editions

2019

Release date Description Involved edition
2019-12-10 Security threat detection on running containers is supported. Enterprise
2019-10-17 The feature of protection against brute-force attacks is supported. You can enable this feature in the Settings panel of the Alerts page. All editions
2019-10-17 The fix and undo feature is provided for Linux CentOS 6 baseline risks. This feature allows you to fix one or more baseline risks at a time. For Linux CentOS 6 systems, the baseline check feature can detect baseline risks, generate alerts, fix baseline risks, and undo fixes. Enterprise
2019-08-02 The AK and Password Leak Detection page is replaced by the AccessKey Leak Detection page. Enterprise
2019-08-01 The Asset Management page is replaced by the Assets page. The Assets page provides visualized data of your assets and asset fingerprints to help you analyze the impact of potential risks. The Asset Fingerprints module allows you to manually collect asset fingerprints. All editions
2019-07-31 The feature of container threat detection is supported. Enterprise
2019-07-26 On the Settings page, notifications can be configured for the following two items: AccessKey pair leak information and cloud security configuration checks. All editions
2019-07-16 The switch of daily security reports is removed from the Settings page. All paid editions
2019-06-20 The results of configuration assessment can be exported. All editions
2019-06-20 The Emergency tab on the Vulnerabilities page is optimized. You can view the progress of urgent vulnerability fixing. All editions
2019-06-19 The feature of cloud platform best practices is renamed Cloud Platform Configuration Assessment. All editions
2019-06-19 You can create security reports and specify the report content, data type, and destination email address. This feature helps you obtain the security status data of your assets. All paid editions
2019-06-16 The Settings page is updated. The logon IP address whitelist is removed from the Settings page. All editions
2019-06-05 The detection of application vulnerabilities is supported. Enterprise
2019-05-21 Eighteen check items are added to the cloud platform best practices feature. These check items cover database whitelist configurations, Object Storage Service (OSS) log records, cross-region replication, Server Load Balancer (SLB) whitelist configurations, automatic image configurations of ECS instances, and ECS storage encryption. All editions
2019-05-21 The feature of web tamper proofing is updated. You can view the overview of your website status. The whitelist and blacklist features are supported. All paid editions
2019-03-30 Processes can be displayed based on detected vulnerabilities. All paid editions
2019-03-21 Threat Detection Service is updated to Security Center. The Advanced edition is supported. Security Center has the Basic, Advanced, and Enterprise editions. All editions
2019-03-21 The log retrieval feature is removed. All paid editions

2018

Release date Description Involved edition
2018-12-28 The attack analysis, access analysis, and threat analysis features are removed. Enterprise
2018-12-20 In the Basic edition, threat detection is supported only for events of the Unusual Logon and Others-DDoS types. The Enterprise edition is not affected. Basic
2018-12-15 Attack analysis and tracing are supported. Enterprise
2018-12-10 Automatic alert correlation analysis is supported. Enterprise