Security Center Basic provides you with basic features to harden the security of your assets. You can use these features to detect risks on your assets. The risks include unusual logons to your servers, DDoS attacks, common vulnerabilities on your servers, and configuration risks of Alibaba Cloud services. You need to only install the Security Center agent on your servers to use the security protection features provided by Security Center Basic free of charge.
Intended users
Security Center Basic is suitable for enterprises and individual users who need to manage servers in a centralized manner. Security Center Basic supports Alibaba Cloud Elastic Compute Service (ECS) instances and servers that are not deployed on Alibaba Cloud, including servers in data centers.
Features
| Feature | Description | References |
|---|---|---|
| Vulnerability detection | This feature detects Linux software vulnerabilities, Windows system vulnerabilities, and Web-CMS vulnerabilities. Security Center automatically scans your servers every two days. You can view the vulnerabilities detected on your servers on the Vulnerabilities page. | Overview |
| Urgent vulnerability detection (warning for major security events) | This feature detects high-risk vulnerabilities that are recently exposed on the Internet. This helps you identify critical vulnerabilities on your servers at the earliest opportunity and reduces the risk of intrusions into your servers. | View and handle urgent vulnerabilities |
| Unusual logon detection | The alerting feature detects logons from disapproved locations and brute-force attacks, and generates alerts. This helps you identify unusual logons at the earliest opportunity and reduces the risk of system attacks. | Overview |
| Detection of AccessKey pair leaks or unusual calls of AccessKey pairs | This feature checks the usernames and passwords in source code stored on platforms such as GitHub in real time. This helps you detect leaks of the usernames and passwords for your assets. If leaks are detected, Security Center generates alerts. This helps you detect and handle potential AccessKey pair leaks at the earliest opportunity. | Detection of AccessKey pair leaks |
| Configuration assessment | This feature checks whether the configurations of your Alibaba Cloud services pose risks. Security Center Basic checks multiple items. The check items include Cloud Platform - Root Account's Two-Factor Authentication Configuration, Cloud Security - Agent Online Status, and ECS - Disk Encryption. | Overview |
| Compliance check | Security Center provides you with the classified protection compliance check and ISO 27001 compliance check features. These features help you build systems that meet the requirements of classified protection and attain the ISO 27001 certification. | Classified protection compliance check |
How to use Security Center Basic
- Alibaba Cloud ECS instances
When you purchase an ECS instance, select Security Hardening. This way, the agent is automatically installed on your ECS instance. Alternatively, install the agent on your ECS instance in the Security Center console. For more information, see Install the Security Center agent.
- Servers that are not deployed on Alibaba Cloud
Manually install the agent on your server in the Security Center console. For more information, see Manually install the Security Center agent on your server.
How to apply for a 7-day free trial of Security Center Ultimate
If you have purchased an ECS instance, you can apply for a 7-day free trial of Security Center Ultimate. Security Center Ultimate provides comprehensive features. The features include container image scan, threat detection on Kubernetes containers, asset fingerprints, and attack analysis. For more information about how to apply for a free trial, see Apply for a free trial of Security Center Ultimate.