This topic provides a brief introduction to the Overview page of the Security Center console. The Overview page is a security operations center for your Alibaba Cloud services. The page displays the information about your assets, including the security score, risks, security trends, and brief asset information. The page also provides entry points to upgrade and renew Security Center, and increase related quotas. You can perform security operations on your assets in a centralized manner on the Overview page.
Background information
On the Overview page of the Security Center console, you can view the security information about your assets and perform operations based on your business requirements. You can view the following information on the Overview page:
Secure Score
Improve the security score
The Secure Score section displays a security score that is calculated based on the security status of your assets. A higher score indicates fewer risks in your assets.
Log on to the Security Center console. On the Overview page, click Fix Now. In the Security Risk panel, you can view the penalty point for detected risks. If you want to handle risks of a specific type, you can click Process Now to the right of the type. On the page that appears, you can view the details of specific risks and handle the risks based on the risk details or the solutions that are provided.
The Security Risk panel displays the following types of risks that you must handle at the earliest opportunity:
Configuration risks of core features
Create an anti-ransomware policy. For more information, see Overview.
Unhandled alert events.
Handle the alert events. For more information, see View and handle alert events.
Unfixed vulnerabilities.
Fix the vulnerabilities. For more information, see View and handle vulnerabilities.
Baseline risks.
Handle the baseline risks. For more information, see Baseline check.
AccessKey pair leaks.
Handle the leak events on AccessKey pairs. For more information, see Detection of AccessKey pair leaks.
Configuration risks of cloud services.
Handle the configuration risks of cloud services. For more information, see Configuration assessment.
Security Center Anti-virus does not support the baseline check or attack awareness feature. Therefore, the items that are related to the features are not included when Security Center Anti-virus calculates the security score of your assets.
Security scores
The following table describes the ranges of scores and deduction items.
Security score | Description | Font color |
95 to 100 | Your assets are secure. | Green |
85 to 94 | Your assets are exposed to a few of security risks. We recommend that you reinforce the security of your system at the earliest opportunity. | Yellow |
70 to 84 | Your assets are exposed to a large number of security risks. We recommend that you reinforce the security of your system at the earliest opportunity. | Yellow |
69 or lower | Your assets are at high risk. We recommend that you reinforce the security of your system at the earliest opportunity. | Red |
Deduction items
The maximum security score is 100, and the minimum security score is 10.
If the security score is greater than 60 after penalty points are endorsed but unhandled alerts are detected, the final score is still 60.
If the security score is greater than 80 after penalty points are endorsed but unhandled alerts or vulnerabilities are detected, the final score is still 80.
If the security score is greater than 90 after penalty points are endorsed but unhandled baseline risks are detected, the final score is still 90.
All paid editions in the following table indicate the Anti-virus, Advanced, Enterprise, and Ultimate editions of Security Center.
Category (maximum penalty point) | Edition | Deduction item | Penalty point | Suggestion |
Configuration risks of core features (20) | All paid editions | Web tamper proofing is disabled. | 5 | |
Basic | No rules are configured to prevent brute-force attacks. | 2 | ||
Basic | Quick installation of the Security Center agent is not authorized. | 2 | If this is the first time that you use this feature, obtain the required permissions. | |
Advanced, Enterprise, and Ultimate | Configuration assessment is not authorized. | 2 | If this is the first time that you use this feature, obtain the required permissions. | |
All paid editions | Log analysis is disabled. | 2 | ||
All paid editions | Antivirus is disabled. | 2 | ||
All paid editions | No anti-ransomware policies are created. | 15 | ||
All paid editions | Periodic virus detection is disabled. | 5 | ||
Advanced, Enterprise, and Ultimate | Container images that can be scanned are not specified. | 5 | ||
Ultimate | Kubernetes threat detection is disabled. | 5 | ||
Unhandled alert events (25) | All paid editions | Unhandled high-risk alert events are detected. | 20 | |
All paid editions | Unhandled medium-risk alert events are detected. | 20 | ||
All paid editions | Unhandled low-risk alert events are detected. | 20 | ||
Unfixed vulnerabilities (20) | Advanced, Enterprise, and Ultimate | Unfixed Web-CMS vulnerabilities are detected. | 2 | |
Advanced, Enterprise, and Ultimate | Unfixed Windows system vulnerabilities are detected. | 2 | ||
Advanced, Enterprise, and Ultimate | Unfixed Linux software vulnerabilities are detected. | 2 | ||
Advanced, Enterprise, and Ultimate | Unfixed urgent vulnerabilities are detected. | 5 | ||
Advanced, Enterprise, and Ultimate | Urgent vulnerabilities exist but are not detected. If no Elastic Compute Service (ECS) instances are used, no penalty points are endorsed. | 3 | ||
Baseline risks (10) | Enterprise and Ultimate | Baseline risks are detected. | 1 | |
Configuration risks of cloud services (10) | Advanced, Enterprise, and Ultimate | Check items that are of the Cloud Infrastructure Entitlement Management (CIEM) type and failed to pass a check. | 3 | |
Check items that are of the security risk type and failed to pass a check. | 5 | |||
Check items that are of the compliance risk type and failed to pass a check. | 2 | |||
AccessKey pair leaks (15) | All editions | AccessKey pair leaks are detected. | 15 |
Edition and protection details
The section in the upper-right corner of the Overview tab displays the Security Center edition that you use, the date on which Security Center expires, and the statistics about your assets. The statistics include Total Assets, Purchased Quota, Remaining licenses, Unprotected assets (ECS), Remaining Anti-ransomware Capacity, Remaining Log Storage Capacity, Security capability enabled, Virus Library Version, and System Vul scan time.
You can perform the following operations in this section:
Try Security Center Ultimate: If you use Security Center Basic and meet the requirements to apply for a free trial, click Try Now to start the free trial of Security Center Ultimate. For more information, see Apply for a 7-day free trial of Security Center.
Purchase Security Center: Click Buy Now to purchase Security Center. For more information about the features that each edition supports, see Functions and features. For more information about how to purchase Security Center, see Purchase Security Center.
Upgrade Now: If you use the Anti-virus, Advanced, Enterprise, or Ultimate edition of Security Center and want to upgrade Security Center or increase the number of protected servers, the quota for cores of servers that you want to protect, or the purchased quota of a value-added feature, click Upgrade Now. You can also click Upgrade Now to separately enable value-added features. For more information, see Upgrade and downgrade Security Center.
Renewal: If you use the Anti-virus, Multi-edition, Advanced, Enterprise, Ultimate, or Value-added Plan edition of Security Center and want to renew Security Center before it expires, click Renewal. For more information, see Renew the subscription to Security Center.
Install the Security Center agent: If you want to install the Security Center agent on unprotected servers, click Install now below Unprotected assets (ECS) to go to the Agent tab of the Feature Settings page. Then, install the Security Center agent on the unprotected servers to protect the servers. For more information, see Install the Security Center agent.
Purchase additional capacity: If the available anti-ransomware capacity or log storage capacity is less than 10%, click Upgrade to purchase additional anti-ransomware capacity or log storage capacity.
Security risks
The Security risk section displays the following information: Unhandled Alerts, Unfixed Vul, Baseline Risks, Cloud Platform Configuration Assessment, AccessKey Leak, Image security scan, and Tamper Protection. 
The following table describes the details.
Type | Description |
Unhandled Alerts | This section displays the total number of unhandled alerts on your assets and the numbers of alerts at different risk levels. The alerts generated by Security Center are classified into the following risk levels:
You can click the number below Unhandled Alerts to go to the Alerts page to view and handle alerts. For more information, see View and handle alert events. |
Unfixed Vul | This section displays the total number of unfixed vulnerabilities in your assets. You can click the number below Unfixed Vul to go to the Vulnerabilities page to view and handle vulnerabilities. For more information, see Vulnerability fixes. |
Baseline Risks | This section displays the number of baseline risks in your assets. You can click the number below Baseline Risks to go to the Baseline Check page to view and handle baseline risks. For more information, see View baseline check results and handle baseline risks. |
Cloud Platform Configuration Assessment | This section displays the risks in the baseline configurations of your cloud services. You can click the number below Config Assessment to go to the Cloud Platform Configuration Assessment page to view and handle the detected risks in the configurations of your cloud services. For more information, see Configuration assessment. |
AccessKey Leak | This section displays the total number of unhandled AccessKey pair leaks on your assets. You can click the number below AccessKey Leak to go to the AK leak detection page to view and handle AccessKey pair leaks. For more information, see Detection of AccessKey pair leaks. |
Image security scan | This section displays the total number of unhandled risks and vulnerabilities in your images. You can click the number below Image security scan to go to the Image Security page to view and handle image risks and vulnerabilities. For more information, see Scan images. |
Tamper Protection | This section displays the total number of tampered web pages in your assets. You can click the number below Tamper Protection to go to the Tamper Protection page to view and handle the tampering risks. For more information, see Overview. |
Security operations trend
The Security Operations Trend section displays the trends of the numbers of alerts, vulnerabilities, and baseline risks within a specific time range in a column chart. The section also displays the trends of the numbers of detected risks and handled risks in the current day in a line chart. Risks that are ignored, handled, or added to a whitelist are considered handled risks. By default, this section displays the statistics in the last seven days. You can specify a time range or set the time range to Last 30 days. 
You can click the legends below the chart to show or hide specific statistics.
Security Information
The Security Information section displays the most recent security information. 
Entry points to Security Center documentation
The Help Center section provides the entry points to Security Center documentation. The documentation covers the following content: introduction, tutorials, features, alert handling methods, and best practices. You can click a topic title to view the topic. 