Security Center provides the following editions: Basic, Anti-virus, Advanced, Enterprise, and Ultimate. This topic describes the differences among these editions.
- Basic (Introduction to Security Center Basic)
The Basic edition offers basic Security Hardening capabilities free of charge. You can use the capabilities to detect unusual logons to your servers, DDoS attacks, common vulnerabilities on your servers, and configuration risks of cloud services. If you select Security Hardening when you purchase an Elastic Compute Service (ECS) instance, Security Center Basic is automatically activated.
- Anti-virus
The Anti-virus edition uses the subscription billing method. It offers security features, such as alerting and antivirus.
- Advanced
The Advanced edition uses the subscription billing method. It offers security features, such as alerting, antivirus, vulnerability detection and fixing, and security reports.
- Enterprise
The Enterprise edition uses the subscription billing method and provides a wide array of security features. The features include alerting, antivirus, vulnerability detection and fixing, baseline checks, asset fingerprints, and attack analysis.
- Ultimate
The Ultimate edition uses the subscription billing method and provides a wide array of security features. The features include container image scan, threat detection on Kubernetes containers, network topology of containers, alerting, antivirus, vulnerability detection and fixing, baseline checks, asset fingerprints, and attack analysis.
- ×: indicates that the feature is not supported by the edition.
- √: indicates that the feature is supported by the edition.
- Value-added: indicates a value-added feature. If you want to use a value-added feature, you must enable the feature when you purchase or upgrade Security Center.
- Application required: indicates that the feature is available only after you apply for the feature and obtain the approval from Security Center.
Pricing
Billable item | Basic | Anti-virus | Advanced | Enterprise | Ultimate | Value-added Plan | |
---|---|---|---|---|---|---|---|
Basic fees | Free | USD 1 per core per month | USD 9.5 per server per month | USD 23.5 per server per month | USD 3 per core per month | Free | |
Fees of value-added features | Web Tamper Protection | Not supported | USD 142.6 per server per month | USD 142.6 per server per month | USD 142.6 per server per month | USD 142.6 per server per month | USD 142.6 per server per month |
Anti-ransomware | Not supported | USD 0.045 per GB per month | USD 0.045 per GB per month | USD 0.045 per GB per month | USD 0.045 per GB per month | USD 0.045 per GB per month | |
Log Analysis | Not supported | Not supported | USD 72.9 per TB per month | USD 72.9 per TB per month | USD 72.9 per TB per month | Not supported | |
Container image scan | Not supported | Not supported | USD 0.3 per image | USD 0.3 per image | USD 0.3 per image | USD 0.3 per image | |
Subscription period | Unlimited | Monthly subscription supported | Monthly subscription supported | Monthly subscription supported | Monthly subscription supported | Monthly subscription supported |
Container security
- Container Service for Kubernetes: Security Center performs security checks for all Kubernetes clusters that are created by using templates.
- Container Registry: Security Center performs security checks only for Container Registry instances of the Enterprise edition and self-managed Harbor image repositories. Security Center cannot perform security checks for default Container Registry instances.
Feature | Description | Basic and Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|
Threat detection during container runtime | Security Center detects threats to Container Service for Kubernetes in real time. The threats include viruses and malicious programs in containers or on hosts, intrusion into containers, and container escapes. Security Center also generates alerts for these threats and warnings for high-risk operations. | × | × | × | √ | Use the runtime security feature to monitor ACK clusters and configure alerts |
Security Center detects the following threats for containers during container runtime
and generates alerts for detected threats:
|
× | × | × | √ | None | |
Threat detection on Kubernetes containers | Security Center monitors the status of running containers in a Kubernetes cluster.
This allows you to detect security risks and attacker intrusions at the earliest opportunity.
Security Center detects the following items:
|
× | × | × | √ | Use threat detection on Kubernetes containers |
Image signature | Security Center signs trusted container images and verifies the signatures to ensure that only trusted images are deployed. This prevents unauthorized container images from being started and improves asset security. Only Kubernetes clusters that are deployed in the China (Hong Kong) region support the image signature feature. | × | × | × | √ | Use the container signature feature |
Container image scan | Security Center detects the following image baseline risks, image vulnerabilities,
and malicious image samples:
Note Only image system vulnerabilities can be fixed with a few clicks. Security Center
detects image application vulnerabilities, image baseline risks, and malicious image
samples. However, you are not allowed to fix the detected risks with a few clicks.
If image application vulnerabilities, malicious image samples, or image baseline risks
are detected in container images, we recommend that you follow the suggestions on
vulnerability fixes provided by Security Center to reinforce image security. You can
also use the paths of the malicious samples to manually reinforce image protection.
|
× | Value-added | Value-added | Value-added | Overview of the container image scan feature |
Container configuration security | Security Center performs security checks on the baseline configurations of containers.
It also generates alerts for the detected risks. Security Center detects the following
items:
|
× | × | × | √ | Overview |
Management of container-related assets | Security Center displays the statistics and risk status of all container-related assets. | √ | √ | √ | √ | View the security information of containers |
Container network topology | The feature of container network topology allows you to perform security-related operations on your assets such as clusters, containers, images, and applications, in a visualized manner. The feature also displays the network topology of your containers. This feature enables you to manage your containers in a more efficient manner. You can use container network topology to obtain the up-to-date security information and network connections of your assets. | × | × | × | √ | Container network topology |
Security score
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Security score | Security Center displays a security score on the Overview tab. The security score is calculated based on the security status of your assets. A higher score indicates fewer risks in your assets. | √ | √ | √ | √ | √ |
Assets page
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Servers | Security Center displays security information about each protected server. The information includes the risk status, group, region, and virtual private cloud (VPC). | √ | √ | √ | √ | √ | View the security status of a server |
Containers | Security Center displays security information about each protected container group, container, and image. The information includes the risk status. | × | × | × | √ | √ | View the security information of containers |
Websites | Security Center displays security information about each protected website. The information includes the root domain, subdomains, risk status, and alerts. | √ | √ | √ | √ | √ | View website status |
Cloud services | Security Center displays security information about each protected cloud service, such as Server Load Balancer (SLB), NAT Gateway, ApsaraDB RDS, and ApsaraDB for MongoDB. The information includes at-risk services and the type of each service. | √ | √ | √ | √ | √ | View the security status of cloud services |
Asset exposure analysis
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Asset exposure analysis | Security Center automatically analyzes the exposures of your ECS instances on the Internet and visualizes the communication links between ECS instances and the Internet. Security Center also displays details about the vulnerabilities in the exposed ECS instances. The asset exposure analysis feature helps you identify abnormal exposures of your assets on the Internet and provides suggestions on vulnerability fixing. | × | × | × | √ | √ | Asset exposure analysis |
Virus defense
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Virus detection | The security experts of Security Center conduct automated analysis on attack methods based on a large number of persistent virus samples. Alibaba Cloud developed the machine learning antivirus engine based on the attack awareness. You can detect and remove viruses with a few clicks. | × | √ | √ | √ | √ | Overview |
Protection against viruses | Security Center quarantines major ransomware, DDoS trojans, mining programs and trojans, malicious programs, backdoor programs, and worms. | × | √ | √ | √ | √ | |
Protection against ransomware | Security Center traps ransomware and supports data backup and restoration. | × | Value-added | Value-added | Value-added | Value-added | Overview |
Vulnerability fixing
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Linux software vulnerabilities | Security Center compares software versions by using the matching engine of Open Vulnerability
and Assessment Language (OVAL). If the vulnerabilities that are recorded in the Common
Vulnerabilities and Exposures (CVE) database are detected in the current version,
Security Center generates alerts.
Note The Basic edition supports automatic vulnerability scans. However, this edition does not support
vulnerability fixing or quick scan tasks. If you want to manually run quick scan tasks, you must upgrade Security Center to the Anti-virus, Advanced, Enterprise, or Ultimate edition. If you want Security Center to automatically fix detected vulnerabilities,
you must upgrade Security Center to the Advanced, Enterprise, or Ultimate edition.
|
√ | √ | √ | √ | √ | View and handle Linux software vulnerabilities |
Vulnerability fixing: Security Center supports the automatic fixing of system vulnerabilities and automatic creation of snapshots. This allows you to undo fixes by using snapshots. | × | × | √ | √ | √ | ||
Windows system vulnerabilities | Security Center obtains Microsoft updates for Windows operating systems, detects high-risk
vulnerabilities, and generates alerts for these vulnerabilities.
Note The Basic edition supports automatic vulnerability scans. However, this edition does not support
vulnerability fixing or quick scan tasks. If you want to manually run quick scan tasks, you must upgrade Security Center to the Anti-virus, Advanced, Enterprise, or Ultimate edition. If you want Security Center to automatically fix detected vulnerabilities,
you must upgrade Security Center to the Advanced, Enterprise, or Ultimate edition.
|
√ | √ | √ | √ | √ | View and handle Windows system vulnerabilities |
Vulnerability fixing: Security Center automatically identifies pre-patches that are used to fix vulnerabilities to prevent failures caused by the lack of the required pre-patches. This allows you to fix Windows vulnerabilities with a few clicks. Security Center also generates alerts for vulnerabilities that require a system restart after the vulnerabilities are fixed. This allows you to fix Windows system vulnerabilities in an efficient manner. | × | × | √ | √ | √ | ||
Web-CMS vulnerabilities | Security Center monitors web directories, recognizes common website builders, and
checks the vulnerability database to identify vulnerabilities in website builders.
Note The Basic edition supports automatic vulnerability scans. However, this edition does not support
vulnerability fixing or quick scan tasks. If you want to manually run quick scan tasks, you must upgrade Security Center to the Anti-virus, Advanced, Enterprise, or Ultimate edition. If you want Security Center to automatically fix detected vulnerabilities,
you must upgrade Security Center to the Advanced, Enterprise, or Ultimate edition.
|
√ | √ | √ | √ | √ | View and handle Web-CMS vulnerabilities |
Vulnerability fixing: Security Center uses patches developed by Alibaba Cloud to replace and modify source code. This allows you to fix vulnerabilities with a few clicks. | × | × | √ | √ | √ | ||
Urgent vulnerabilities | Security Center detects urgent vulnerabilities that are unexpectedly released to the public. Security Center does not support automatic fixing of urgent vulnerabilities. You must follow the instructions provided by Security Center to manually fix the vulnerabilities. | √ | √ | √ | √ | √ | View and handle urgent vulnerabilities |
Application vulnerabilities | Security Center detects weak passwords for system services and vulnerabilities in
system services and applications.
Note Only the Enterprise and Ultimate editions support application vulnerability detection.Basic,Anti-virus,Advanced If you want to detect application vulnerabilities in your assets, you must upgrade
Security Center to the Enterprise or Ultimate edition.
|
× | × | × | √ | √ | View and handle application vulnerabilities |
Quick scan | Security Center allows you to manually run quick scan tasks on your assets to detect vulnerabilities in real time.
Note Only the Enterprise and Ultimate editions support application vulnerability detection. If you want to run quick scan tasks to detect application vulnerabilities, make sure that you use the Enterprise or Ultimate edition.Basic,Anti-virus,Advanced For more information about the types of vulnerabilities that can be detected by quick scan tasks in each edition, see Quick scan.
|
√ (Only the detection of urgent vulnerabilities is supported by the Basic edition.) | √ (The detection of application vulnerabilities is not supported by the Anti-virus edition.) | √ (The detection of application vulnerabilities is not supported by the Advanced edition.) | √ | √ | Use the quick scan feature |
Display of vulnerabilities that require immediate fixing | Security Center fixes urgent vulnerabilities and lists the vulnerabilities that require immediate fixing. This allows you to identify and fix vulnerabilities that have high priorities. | × | × | √ | √ | √ | Overview |
YUM and APT source configuration | Turn on or turn off the switch to specify whether to preferentially use YUM or APT
sources of Alibaba Cloud to fix vulnerabilities.
Note Before you fix a Linux software vulnerability, you must specify a valid YUM or APT
source. If you specify an invalid YUM or APT source, the vulnerability may fail to
be fixed. After you turn on the switch, Security Center automatically selects a YUM
or APT source of Alibaba Cloud. This improves the success rate of vulnerability fixing.
We recommend that you turn on the switch for YUM/APT Source Configuration.
|
× | × | √ | √ | √ | Configure vulnerability settings |
Baseline checks
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Baseline checks on servers | Security Center dispatches tasks to check server configurations. If configuration
risks are detected, Security Center generates alerts.
Security Center allows you to specify check items, detection intervals, and servers to customize check policies. Custom check scripts are not supported. Security Center allows you to customize weak password rules. Security Center checks the configurations of your cloud services by using a custom check policy. If weak passwords are detected, Security Center generates alerts. Security Center performs baseline checks on the following items:
|
× | × | √ (Only the detection of weak passwords is supported by the edition.) | √ | √ | Baseline checks |
Baseline risk fixing | Security Center mitigates risks that are detected from the baseline checks of Alibaba Cloud security and classified protection compliance. | × | × | × | √ | √ | Manage baseline risks |
Configuration assessment
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Configuration assessment | Security Center detects risks in the configurations of Alibaba Cloud services, such
as ECS and ApsaraDB RDS.
Security Center detects the following items:
|
× | × | √ | √ | √ | Overview |
Alerting
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Suspicious processes | Security Center traces intrusion sources based on real attack-defense scenarios in
the cloud and creates a process whitelist. If unauthorized processes or intrusion
attacks are detected, Security Center generates alerts.
Security Center builds approximately 1,000 process patterns for hundreds of processes and compares the processes against these patterns to detect suspicious processes. Security Center detects the following items:
|
× | √ | √ | √ | √ | Alerts |
Webshells | Security Center supports detection of website script files, such as PHP, ASP, and
JSP files, based on both servers and networks.
Security Center performs the following detection:
|
√ (The detection of some webshells is supported by the Basic edition.) | √ | √ | √ | √ | |
Security Center also provides webshell removal to quarantine detected webshell files. You can restore files that are quarantined within the last 30 days. | × | √ | √ | √ | √ | ||
Unusual logons | Security Center provides basic detection services.
Security Center detects the following items:
|
√ | √ | √ | √ | √ | |
Security Center provides advanced detection services.
Security Center detects the following items:
|
× | × | √ | √ | √ | ||
Tampering of sensitive files | Security Center monitors sensitive directories and files, and generates alerts if
suspicious read, write, or delete operations are detected.
Security Center detects the following items:
|
× | √ | √ | √ | √ | |
Malicious processes | Security Center scans processes on a regular basis, monitors process startups, and
detects viruses and trojans by using the cloud antivirus mechanism. You can terminate
malicious processes and quarantine malicious files with a few clicks in the Security
Center console.
The virus library that is used for cloud antivirus has the following characteristics:
Security Center detects the following items:
|
× | √ | √ | √ | √ | |
Suspicious network connections | Security Center monitors connections on servers and networks. If suspicious connections
are detected, Security Center generates alerts.
Security Center detects the following items:
|
× | √ | √ | √ | √ | |
Others | Security Center detects the following items:
|
× | × | √ | √ | √ | |
Suspicious accounts | Security Center detects suspicious accounts that attempt to log on to your system based on user behavior analysis. | × | √ | √ | √ | √ | |
Intrusion into applications | Security Center detects intrusion into applications, such as SQL Server. | × | √ | √ | √ | √ | |
Threats to cloud services | Security Center detects unusual use of cloud services based on user behavior analysis. For example, an attacker uses your AccessKey pair to purchase a large number of ECS instances to mine data. | × | √ | √ | √ | √ | |
Precise defense | Security Center automatically quarantines common Internet viruses, such as ransomware, DDoS trojans, mining and trojan programs, malicious programs, webshells, and computer worms. Alibaba Cloud security experts test and verify all the automatically quarantined viruses to minimize false positive rates. | × | √ | √ | √ | √ | |
Persistent webshells | Security Center detects persistent webshells on servers.
After an attacker gains control over a server, the attacker typically places webshells, such as scripts, processes, and links, to persistently exploit the intrusion. Common persistent webshells include crontab jobs, automatic tasks, and system replacement files. |
× | √ | √ | √ | √ | |
Threats to web applications | Security Center detects intrusion activities that use web applications. | × | √ | √ | √ | √ | |
Malicious scripts | Security Center detects malicious scripts on servers.
Malicious scripts are classified into file-based scripts and fileless scripts. After an attacker gains control over a server, the attacker uses scripts for additional attacks. For example, the attacker may insert mining programs and webshells, and add administrator accounts to your system. Languages of malicious scripts include Bash, Python, Perl, PowerShell, Batch, and VBScript. |
× | √ | √ | √ | √ | |
Threat intelligence | Security Center provides third-party threat intelligence sources. | × | Value-added | Value-added | Value-added | Value-added | |
Malicious network behavior | Security Center identifies unusual network behavior based on logs, such as communication content and host behavior logs. Malicious network behavior includes intrusion into hosts over open network services and unusual behavior of cracked hosts. | × | √ | √ | √ | √ | |
Archived alerts | Security Center archives alerts 30 days after data is generated and allows you to download the archived alerts. This facilitates event tracing and audit. | √ | √ | √ | √ | √ | Archive alerts |
Attack analysis
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Attack analysis | Security Center displays the details of web attacks and brute-force attacks on your server. Security Center traces the attacker IP addresses and finds the flaws of the attacks. | × | × | × | √ | √ | Attack awareness |
Detection of AccessKey pair leaks
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Detection of AccessKey pair leaks | Security Center monitors code hosting platforms such as GitHub to detect AccessKey pair leaks in source code that may be accidentally uploaded by company employees. | √ | √ | √ | √ | √ | Detection of AccessKey pair leaks |
Log analysis
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Log analysis | Security Center allows you to retrieve and analyze raw log data. The data includes
data related to process startup events, external network connections, system logon
events, five tuples, DNS queries, security logs, and alert logs.
Note Only users of the Security Center Enterprise and Ultimate editions can view network
logs. Users of the Security Center Anti-virus or Advanced edition cannot view network
logs. On the Log Analysis page of the Security Center console, users of the Anti-virus or Advanced edition
can view only security and host logs.
|
× | × | Value-added | Value-added | Value-added | Log analysis |
Investigation of asset fingerprints
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Asset fingerprints | Security Center collects the following server information in real time:
|
× | × | × | √ | √ | Overview of asset fingerprints |
Operation
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Security reports | Security Center allows you to customize security reports. After you enable this feature, Security Center sends daily emails that have security statistics to the specified recipients. | × | × | √ | √ | √ | Create a security report |
Playbook | Security Center allows you to manage tasks. You can run tasks to enable automatic fixing of vulnerabilities in multiple assets at a time. | × | × | × | √ | √ | Overview |
Multi-account control | Security Center allows you to manage multiple Alibaba Cloud accounts and resource accounts in an enterprise. You can monitor the security status of accounts in a resource directory. | √ | √ | √ | √ | √ | Use the multi-account control feature |
Application marketplace
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Web tamper proofing | Security Center monitors website directories and restores maliciously modified files
or directories by using backups. Security Center protects websites from malicious
modification, trojans, hidden links, and insertion of violence or pornography content.
Security Center allows you to add trusted Windows and Linux processes to whitelists. After a process is added to a whitelist, Security Center no longer blocks the process. |
× | Value-added | Value-added | Value-added | Value-added | Web tamper proofing |
Configuration check of security groups | Security Center detects weak rules in ECS security groups and provides solutions. This allows you to use the security group feature in a more secure and efficient manner. | √ | √ | √ | √ | √ | Security group checks |
Settings page
Feature | Description | Basic | Anti-virus | Advanced | Enterprise | Ultimate | References |
---|---|---|---|---|---|---|---|
Settings page | Proactive Defense - Anti-Virus
This feature automatically quarantines common network viruses, such as common ransomware, DDoS trojans, mining programs, trojans, malicious programs, webshells, and computer worms. |
× | √ | √ | √ | √ | Use proactive defense |
Proactive Defense - Anti-ransomware (Bait Capture)
This feature uses bait to capture the new types of ransomware and analyzes the patterns of the new types of ransomware to protect your assets. |
× | × | √ | √ | √ | ||
Proactive Defense - Webshell Protection
This feature automatically intercepts abnormal connections that are initiated by attackers based on known webshells and quarantines related files. |
× | × | × | √ | √ | ||
Proactive Defense - Behavior prevention
This feature intercepts the abnormal network behavior between your servers and disclosed malicious access sources, which reinforces the security of your servers. |
× | × | × | √ | √ | ||
Proactive Defense - Active defense experience optimization
If your server unexpectedly shuts down or the defense capability is unavailable, Security Center collects server data by using the kdump service for protection analysis. This enhances the protection capability of Security Center on an ongoing basis. |
× | × | × | √ | √ | ||
Webshell detection
Security Center periodically scans web directories to detect webshells and trojans on your servers. |
× | √ | √ | √ | √ | Use the webshell detection feature | |
Kubernetes threat detection
Security Center monitors the status of running containers in a Kubernetes cluster. This allows you to detect security risks and attacker intrusions at the earliest opportunity. |
× | × | × | √ | √ | Use threat detection on Kubernetes containers | |
Adaptive threat detection
If a high-risk intrusion is detected on your server after the adaptive threat detection feature is enabled, the Security Center agent on your server automatically runs in Safeguard Mode For Major Activities mode. This mode helps detect intrusions in a faster and more comprehensive manner. |
× | × | × | √ | √ | Use adaptive threat detection | |
Automatic alert correlation analysis
After you enable this feature, Security Center automatically aggregates multiple alerts that are generated for the same IP address, the same service, or the same user into one alert. This makes alert handling more efficient. |
× | × | × | √ | √ | Enable automatic alert correlation analysis | |
Security control
Security control allows you to configure the IP address whitelist. Requests initiated from IP addresses in the whitelist are directly forwarded to destination servers. This prevents normal network traffic from being blocked. |
√ | √ | √ | √ | √ | Use the security control feature | |
Access control
Resource Access Management (RAM) allows you to create and manage RAM users, such as individuals, system administrators, and application administrators. You can manage RAM user permissions to control access to Alibaba Cloud resources. |
√ | √ | √ | √ | √ | Use RAM | |
Protection modes
Security Center provides multiple modes to protect your server in different scenarios.
You can configure the following protection modes to protect your server:
|
√ | √ | √ | √ | √ | Manage protection modes | |
Client protection
After you enable the client protection feature, Security Center automatically intercepts unauthorized agent uninstallation. This feature prevents the agent from being uninstalled by attackers or terminated by other software. |
√ | √ | √ | √ | √ | Use the client protection feature | |
Notifications | Security Center allows you to customize alert notifications. For example, you can
specify notification methods and alert severities. Security Center sends the alert
notifications by using text messages, emails, internal messages, and DingTalk chatbots.
You can configure notifications for the following items:
Note If you want to use DingTalk chatbots to send alert notifications, make sure that Security
Center runs the Enterprise edition.
|
√ | √ | √ | √ | √ | None |
Installation and uninstallation of the Security Center agent | Security Center allows you to install and uninstall the Security Center agent. | √ | √ | √ | √ | √ | Install and uninstall the Security Center agent |
Threat detection limits
When Security Center detects risks, it sends security alerts to you without delay. You can manage security alerts, scan for vulnerabilities, analyze attacks, and perform configuration assessment in the Security Center console. Security Center can also analyze alerts and automatically trace attacks. This reinforces the security of your assets. To protect your assets against attacks, we recommend that you regularly install the latest security patches on your server, and use other security services along with Security Center, such as Cloud Firewall and Web Application Firewall (WAF).