All Products
Search

This Product

    Security Center:Release notes

    Document Center

    Security Center:Release notes

    Last Updated:Feb 28, 2026

    This topic describes the release history for Security Center and provides links to the relevant documentation.

    August-December 2025

    FeatureCategoryDescriptionRelease dateReferences
    Agentic SOCUpdatedData import supports Azure.2025-12Import Azure log data
    Vulnerability ManagementNewAdded automatic vulnerability remediation.2025-12View and handle vulnerabilities
    Agentic SOCUpdatedAutomatic response rules now support:
    • Event update as a trigger method.
    • The Add Alert to Whitelist and update owner actions.
    		2025-12Automated response rules
    Agentic SOCNewAdded the update owner feature for security event handling.2025-12Assess and handle Agentic SOC security incidents, Assess and handle CWPP security events
    Agentic SOCNewData import supports Alibaba Cloud OSS.2025-11General data import process
    Agentic SOCUpdatedCustom alerting rules support setting alert enrichment information.2025-11Rule management
    Connect to Baidu Cloud AssetsNewAdded support for Baidu Cloud.2025-11Onboard Baidu Cloud assets using an AccessKey
    Agentless DetectionUpdatedAgentless detection supports default scanning for new assets.2025-11Agentless detection, One-click onboarding policies and billing details for pay-as-you-go services
    Malicious File DetectionNewAdded the ability to handle malicious file detection results.2025-11Handle detection results
    One-click Policy ActivationUpdatedAdded Log Management, anti-ransomware, and vulnerability remediation to one-click policy activation.2025-11One-click onboarding policies and billing details for pay-as-you-go services
    Log Analysis and Log ManagementUpdatedLog Analysis and Log Management can be purchased and used together.2025-11Purchase Security Center, Migration guide for Log Analysis to Log Management
    OverviewUnpublishedThe previous version of the Overview page is unpublished.2025-11Assess and handle CWPP security events
    Anti-ransomwareUpdatedAnti-ransomware supports the pay-as-you-go billing method.2025-10Anti-ransomware service overview, Purchase Security Center, Activate and purchase the anti-ransomware service
    Agentless DetectionNewAgentless detection supports scanning AWS host assets.2025-10Agentless detection
    Cloud Security Posture Management (CSPM)UpdatedCSPM supports connecting to Volcengine assets.2025-09Onboard Volcengine assets using an AK, Add cloud assets for configuration checks
    Agentic SOCUpdatedWatchlists support scheduled updates of trusted IP address sources for Alibaba Cloud products and services to global_white_list.2025-09Observation lists
    BillingUpdatedFor the pay-as-you-go plan, a basic service fee is added. The protection edition is changed to protection level.2025-09Purchase Security Center, Billing details, [Notice] Pay-as-you-go billing change
    Agentic SOCUpdatedCustom alerting rules support setting alert entity mappings.2025-09Rule management
    Detection and Response/Agentic SOCUpdatedSecurity event handling is available to Cloud Workload Protection Platform (CWPP) users.2025-09Assess and handle Agentic SOC security incidents
    Agentic SOCNewAdded TaskContext, Threatbook, and Fortinet components to response orchestration.2025-08TaskContext, Threatbook, Third-party cloud OpenAPI component
    Attack AnalysisUpdatedMigrated to network defense alerts in Security Alerts.2025-08Manage alert information, [Notice] Changes to the Attack Analysis and Event Investigation menu
    Agentic SOCUpdatedProduct integration supports batch integration for Alibaba Cloud cloud-native products and automatic discovery of multi-account Logstore data sources.2025-08Multi-account management
    Malicious File DetectionUpdatedOSS file detection supports real-time incremental scanning in China regions.2025-08Malicious file detection

    July 2025

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Malicious File DetectionUpdatedThe maximum file size for single malicious file detection in Object Storage Service (OSS) is increased from 500 MB to 1 GB.Editions with Malicious File Detection enabled2025-07-16Malicious file detection
    Security Orchestration, Automation and Response (SOAR)NewAdded process components.All editions2025-07-09Process component
    Agentic SOCUpdatedSupports the upgrade assessment entry for Agentic SOC 2.0.All editions2025-07-09[Notice] Agentic SOC upgrade, [Notice] Unpublish data sources of Agentic SOC 2.0 Process File Write Logs and Agentic SOC 1.0 File Read-Write Logs
    Host and Container SecurityUpdatedOnly the Ultimate Edition supports protection for Intelligent Computing LINGJUN assets, which can only be bound to the Ultimate Edition.Anti-virus, Enterprise, and Advanced2025-07-03Manage host and container security quotas
    Multi-cloud Asset AccessNewSupports integrating Google Cloud assets in global regions (excluding China).All editions2025-07-02Onboard Google Cloud assets using a service account key

    June 2025

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Cloud Service Configuration CheckNewSupports configuration checks for Azure and AWS cloud-native AI services.Editions with CSPM enabled2025-06-18Cloud service configuration check
    AI Security Posture ManagementUpdatedAdded the AI Asset card on the Overview page.All editions2025-06-13AI security posture management
    Malicious File DetectionUpdatedSupports pay-as-you-go billing.Editions with Malicious File Detection enabled2025-06-09Malicious file detection, Billing details
    Application ProtectionUpdatedSupports pay-as-you-go billing.Editions with application protection purchased2025-06-09Billing details
    Serverless Asset ProtectionUpdatedSupports tiered billing.Editions with serverless asset protection enabled (pay-as-you-go)2025-06-09Billing details

    May 2025

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Agentless DetectionUpdatedSupports alert notifications.Editions with agentless detection purchased (pay-as-you-go)2025-05-28Notification settings
    Security ReportUpdated
    • Optimized the security report page with a thumbnail view.
    • Integrated data from CSPM and SDK scan jobs.
    • Included attack analysis and RASP data.
    • Combined information from network, host, application, and other categories.
    • Added threat data such as weak password warnings.
    		Advanced, Enterprise, and Ultimate2025-05-16Security reports
    Log AnalysisUpdatedSupports log delivery and storage for agentless detection alerts.All editions2025-05-12Log types and field descriptions
    Overview PageUpdated
    • Optimized the purchase page for a quick overview of purchased feature usage.
    • Comprehensive asset risk summarization without manual calculations in the data center.
    • Data displayed across three stages: risk governance, security protection, and security response.
    • Added a product update card for a quick view of recent changes.
    		All editions2025-05-08Overview (new)

    April 2025

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Anti-ransomwareUpdatedAnti-ransomware policies for databases support selecting instances.Editions with anti-ransomware enabled2025-04-29Manage anti-ransomware policies and agent
    Cloud Security Posture Management (CSPM)UpdatedCloud service configuration check supports custom check items.Editions with CSPM purchased2025-04-25Set and run check policies
    Multi-cloud Asset AccessNewSecurity Center supports adding Volcano Engine assets.All editions2025-04-02Onboard a third-party asset to Security Center

    March 2025

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Baseline CheckUpdatedMoved to Risk Governance > CSPM > Baseline Risks in the Security Center console.Advanced, Enterprise, and Ultimate2025-03-31Baseline check
    Asset FingerprintsNewAsset fingerprints support collecting AI component information.Enterprise and Ultimate2025-03-31Investigate asset fingerprints
    Asset Exposure AnalysisNewAsset exposure analysis supports identifying AI service exposure on servers.Enterprise and Ultimate2025-03-31Asset exposure analysis
    Vulnerability ManagementNewVulnerability management supports detecting vulnerabilities in AI applications.Enterprise and Ultimate2025-03-31View and handle vulnerabilities
    Container Image ScanNewContainer image scan can tag images deployed by the Elastic Algorithm Service (EAS) of the Platform for AI (PAI) and detect plaintext sensitive information in AI API calls, such as Alibaba Cloud Model Studio API keys.Editions with container image scan purchased2025-03-31View and handle detected image risks
    Agentless DetectionNewAgentless detection supports identifying plaintext sensitive information in AI API calls, such as tokens of Alibaba Cloud PAI-EAS services.Editions with agentless detection purchased (pay-as-you-go)2025-03-31Agentless detection
    CSPMUpdatedCloud service configuration check adds AI configuration management (AI-SPM) check items.Editions with CSPM purchased or enabled2025-03-31Cloud service configuration check
    CSPMUpdatedCloud service configuration check adds Kubernetes Security Posture Management (KSPM) check items.Editions with CSPM purchased or enabled2025-03-27Cloud service configuration check
    Log ManagementDiscontinuedSecurity Center no longer supports delivering and storing network logs by using the log analysis feature or the log management feature of Agentic SOC.Editions with log storage capacity for log analysis or Agentic SOC purchased2025-03-27[Notice] Updates on log analysis and Agentic SOC features
    Defense Against Brute-force AttacksUpdatedAdded configuration items for SQL Server brute-force attacks to reduce the risk of database intrusions.Advanced, Enterprise, and Ultimate2025-03-14Defense against brute-force attacks
    Host and Container SecurityUpdatedSupports pay-as-you-go billing, allowing you to bind different Security Center editions to your servers for a more flexible security solution.All editions2025-03-14Purchase Security Center, Manage host and container security quotas
    TerraformUpdatedTerraform documentation updated to support creating Agentic SOC modules.All editions2025-03-06Activate Security Center by using Terraform

    February 2025

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Security ControlDiscontinuedThe security control feature is discontinued in Other Settings.All editions2025-02-14Enable features on the Other Settings tab

    January 2025

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Multi-cloud Asset AccessUpdatedMulti-cloud asset access supports configuring account names to differentiate assets from different accounts of the same third-party cloud provider.All editions2025-01-12Onboard a third-party asset to Security Center
    Agentic SOCUpdatedWhen assessing whether to adopt the recommended log policy for ActionTrail logs, Security Center considers whether you have purchased a paid edition (Anti-virus, Advanced, Enterprise, or Ultimate). Without a paid edition, ActionTrail logs are not automatically added, even with the recommended Agentic SOC log policy enabled.Editions with Agentic SOC enabled2025-01-12Agentic SOC overview
    Serverless Asset ProtectionUpdatedSupports protecting Alibaba Cloud Container Compute Service (ACS) assets.Editions with serverless asset protection enabled (pay-as-you-go)2025-01-09Serverless security
    Agent StatusUpdatedThe Security Center agent status now includes Agent Offline, Server Shutdown, and Agent Uninstalled.All editions2025-01-07Install Client
    Application ProtectionUpdatedResource statistics support counting the number of PHP applications.Editions with application protection quota purchased2025-01-07View applications added to application protection feature
    Container SecurityUpdatedSupports protecting Intelligent Computing LINGJUN assets.Ultimate2025-01-02Manage container assets

    December 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Agentic SOCUpdatedWhen enabling Agentic SOC with pay-as-you-go billing, you can select the recommended log access policy. After selecting the recommended policy, the system automatically adds 14 types of logs from Alibaba Cloud Security Center, Web Application Firewall (WAF), Cloud Firewall, and ActionTrail.Editions with Agentic SOC enabled2024-12-27Agentic SOC overview
    Anti-ransomwareUpdatedThe regions supported by anti-ransomware for servers now include China (Ulanqab), China (Heyuan), and China (Guangzhou).Editions with anti-ransomware enabled2024-12-20Overview of anti-ransomware
    Agentless DetectionUpdatedAgentless detection supports incremental detection forcustom images.Editions with agentless detection enabled (pay-as-you-go)2024-12-20Agentless detection
    Agentless DetectionUpdatedAgentless detection supports handling malicious samples and sensitive files.Editions with agentless detection enabled (pay-as-you-go)2024-12-20Agentless detection
    Malicious File DetectionUpdatedIn OSS file detection, the size limit for a single file in a detection task is increased to 500 MB.Editions with Malicious File Detection enabled2024-12-18Malicious file detection
    BillingUpdatedAgentic SOC supports pay-as-you-go billing, enabling capabilities such as adding services, handling events, security alerting, and orchestration response.All editions2024-12-13Billing details
    BillingUpdatedSecurity Center instances can be switched from full protection mode to partial protection mode, allowing you to specify servers for protection and use more flexible billing and protection policies.All paid editions2024-12-12[Notice] Full protection mode upgraded to partial protection mode
    CSPMUpdatedConfiguration assessment is renamed Cloud Security Posture Management (CSPM).Editions with CSPM enabled2024-12-10CSPM overview
    Application ProtectionNewProtection for PHP applications is supported.Editions with application protection quota purchased2024-12-06Overview of application protection
    Baseline CheckUpdatedBaseline check adds operational metrics.Advanced, Enterprise, and Ultimate2024-12-03Baseline check

    November 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Container Image ScanUpdatedSensitive file information detected by the container image scan feature can be exported, including image versions and repository names.Editions with container image scan enabled2024-11-21View and handle detected image risks
    CI/CD Integration SettingsUpdatedDocumentation for Jenkins Freestyle and Pipeline projects is optimized to include detailed steps and screenshots for installing plugins and configuring image scans.Ultimate2024-11-19Install the CI/CD plug-in for a Jenkins Freestyle project, Install the CI/CD plug-in for a Jenkins Pipeline project
    Configuration AssessmentUpdatedAdded the attack path analysis feature, which scans and analyzes access paths between Alibaba Cloud services (such as a RAM role assigned to an ECS instance that controls OSS buckets) and provides visualized scan results.Editions with configuration assessment enabled2024-11-19Use the attack path analysis feature
    Agentic SOCUpdatedThe recommended log access policy for Agentic SOC is adjusted to add 14 types of logs from Alibaba Cloud Security Center, WAF, Cloud Firewall, and ActionTrail.Editions with Agentic SOC enabled2024-11-15Agentic SOC overview
    Anti-ransomwareUpdatedAnti-ransomware for databases supports viewing backup jobs.Editions with anti-ransomware enabled2024-11-15Troubleshoot the issues causing the abnormal status of an anti-ransomware policy for a database and backup tasks
    Anti-ransomwareUpdatedAnti-ransomware supports backing up data of Rocky Linux systems.Editions with anti-ransomware enabled2024-11-13Overview of anti-ransomware
    BillingUpdatedSupports enabling Agentic SOC in the subscription billing method by using Terraform.All editions2024-11-04Activate Security Center by using Terraform

    October 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Container MicrosegmentationUpdatedContainer firewall is renamed container microsegmentation.Ultimate2024-10-31Container microsegmentation
    Container Image ScanUpdatedGitLab image repository can be scanned.Ultimate2024-10-31Configure and perform image security scans
    ContainerUpdatedGitLab image repository is added.Ultimate2024-10-31Add image repositories to Security Center
    Anti-ransomwareUpdatedAdded the option to exclude non-local mount paths in the anti-ransomware policy for servers.Editions with anti-ransomware enabled2024-10-30Create an anti-ransomware policy and manage the anti-ransomware agent
    Application ProtectionUpdatedWhitelist can be configured to limit access to Runtime Application Self-Protection (RASP).Editions with application protection quota purchased2024-10-30Enable application protection
    Agentic SOCUpdatedAlerts generated by Cloud Workload Protection Platform (CWPP) and Agentic SOC are merged onto one page.All editions2024-10-24
    Defense Against Brute-force AttacksUpdatedSecurity Center Advanced edition supports installing the alinet plug-in to improve protection effectiveness. You can also use the cloud dynamic defense model to strengthen the security system.Advanced2024-10-24[Notice] Updated Defense Against Brute-force Attacks of Security Center
    Application ProtectionUpdatedManual access for containers is upgraded, and custom installation of RASP agent is supported.Editions with application protection quota purchased2024-10-21Enable application protection
    Core File MonitoringUpdatedWindows servers can be monitored.Enterprise and Ultimate2024-10-16Use the core file monitoring feature
    Proactive Defense for ContainersUpdatedAdded container image limits to activate rules for non-image program defense.Ultimate2024-10-16Use the feature of proactive defense for containers
    Log AnalysisUpdatedCore file monitoring event logs are supported for delivery and storage.Enterprise and Ultimate2024-10-15Log types and field descriptions
    Anti-ransomwareUpdatedAnti-ransomware for databases supports backing up data from MySQL 8.0.Editions with anti-ransomware enabled2024-10-11Anti-ransomware service overview
    Agentless DetectionUpdatedServers in the China (Chengdu) region are supported for agentless detection.Editions with agentless detection enabled (pay-as-you-go)2024-10-09Agentless detection

    September 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Serverless Asset ProtectionUpdatedSecurity assessment is supported across Serverless App Engine (SAE) products.Editions with serverless asset protection enabled (pay-as-you-go)2024-09-30Serverless security
    Asset Exposure AnalysisUpdatedApsaraDB RDS, Tair (Redis OSS-compatible), and ApsaraDB for MongoDB are added to supported asset types for detection.Enterprise and Ultimate2024-09-27Asset exposure analysis
    Agentic SOCUpdatedThe attack timeline tab on the security event details page is optimized to include timeline cards with alerts and log evidence, as well as the source tracing diagram. This supports automated tracing of suspicious attack paths. The tracing diagram includes alerts, logs, vulnerabilities, baselines, assets, and entities, with options to view detailed information.Editions with Agentic SOC enabled2024-09-24Security incident response
    Agentic SOCUpdatedThe public preview of the cold data storage solution for Agentic SOC log management is ended and the solution is unpublished.Editions with Agentic SOC enabled2024-09-12[Notice] Public preview of the cold data storage feature of Agentic SOC ends and the feature is unpublished
    Multi-cloud Configuration ManagementUpdatedThe process for adding multi-cloud assets is optimized. When adding Azure assets, the SubscriptionId configuration is no longer required.All editions2024-09-05Onboard a third-party asset to Security Center

    August 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Agentic SOCUpdatedAdded the aliyuncloudOpenAPI basic orchestration group.Editions with Agentic SOC enabled2024-08-30SOAR
    Agentic SOCUpdatedLogs from third-party cloud services such as Chaitin WAF and FortiGate Firewall can be added to Agentic SOC.Editions with Agentic SOC enabled2024-08-20Ingest cloud product logs
    Application ProtectionUpdatedRuntime circuit breaking feature is available.Editions with application protection enabled2024-08-19Enable application protection
    Configuration AssessmentUpdated
    • Pay-as-you-go billing is changed to tiered pricing.
    • Subscription billing is changed to tiered pricing.
    		Editions with configuration assessment enabled2024-08-19Billing details, CSPM overview
    Application ProtectionUpdatedAI-powered analysis is available for attack alerts and in-memory webshell detection alerts, providing detailed explanations and reasoning.Editions with application protection enabled2024-08-16Handle attack alerts
    Configuration AssessmentUpdated
    • The number of free check items is increased.
    • Whitelist policy management feature is added.
    		All editions2024-08-02CSPM overview, Set and run check policies
    Serverless Asset ProtectionUpdated
    • Public preview is complete and the serverless asset protection feature is available for commercial use.
    • Elastic Container Instances (ECI), ACK Serverless cluster, and Serverless App Engine can be added for security risk detection.
    		All editions2024-08-02Serverless security
    Application ProtectionUpdatedA toggle for decompiling Java files is available on the details page of in-memory webshell detection alerts.Editions with application protection enabled2024-08-01Use the in-memory webshell prevention feature
    Log AnalysisUpdatedV2.0 log dictionaries are released and the upgrade from V1.0 to V2.0 is available.Editions with log analysis enabled2024-08-01[Notice] Log dictionaries are upgraded, Log types and field descriptions

    July 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Malicious File DetectionUpdatedMalicious File Detection can decrypt and check OSS objects encrypted with server-side encryption.Editions with Malicious File Detection enabled2024-07-26Malicious file detection
    Agentless DetectionUpdatedAgentless detection enables the snapshot feature and the image check feature.Editions with agentless detection enabled (pay-as-you-go)2024-07-08Agentless detection
    Agentic SOCUpdatedSOAR playbook can be copied.Editions with Agentic SOC enabled2024-07-03SOAR
    Core File MonitoringUpdatedAdded a best practice document for configuring the core file monitoring feature, including monitoring rule configurations and examples.Enterprise and Ultimate2024-07-01Best practices for configuring the core file monitoring feature

    June 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Malicious File DetectionUpdatedAPI-based malicious file detection results are displayed in the at-risk files list in the Security Center console.Editions with Malicious File Detection enabled2024-06-28Malicious file detection
    Malicious File DetectionUpdatedMalicious file detection logs can be delivered to the Logstore dedicated to Security Center.Editions with Malicious File Detection enabled2024-06-28Malicious file detection logs
    Malicious File DetectionUpdatedDingTalk chatbots can be added to send notifications for real-time alerts on detected malicious files in a specified DingTalk group.Editions with Malicious File Detection enabled2024-06-28DingTalk notifications
    Vulnerability ManagementUpdatedVulnerability management supports scanning servers that use SUSE and Kylin operating systems.All editions2024-06-20Overview of vulnerability management
    Application ProtectionUpdated
    • Statistics on application processes are collected with a list of application processes provided.
    • Assets with detected application vulnerabilities can be added to Application Protection from the Application Vulnerability tab of the Vulnerabilities page.
    • Vulnerability prevention statistics and trend chart are provided on the Application Analysis tab of the Application Protection page.
    		Editions with application protection quota purchased2024-06-19Overview of application protection
    Agentic SOCUpdatedEdgeRoutine logs, access logs, and WAF logs of Dynamic Content Delivery Network (DCDN) can be added to Agentic SOC for threat detection, event handling, SOAR, and log storage.Editions with Agentic SOC enabled2024-06-19Agentic SOC overview
    Baseline CheckUpdatedDebian 10, Debian 11, Debian 12, and TencentOS Server 3.1 are supported.Advanced, Enterprise, and Ultimate2024-06-19Baseline check
    Baseline CheckUpdatedThe maximum size of a weak password file that you can upload is increased to 40 KB.Advanced, Enterprise, and Ultimate2024-06-07Baseline check
    Installation of the Security Center AgentUpdatedKylin V7 and Red Hat Enterprise Linux (RHEL) 9 are supported.All editions2024-06-06Operating systems supported by the Security Center agent
    Log AnalysisUpdatedAgent event logs are supported for delivery and storage.Editions with log analysis enabled2024-06-06Log types and log fields of the V1.0 log dictionaries

    May 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Container Image ScanUpdatedContainer image scan is supported for the China (Ulanqab) region.Editions with container image scan enabled2024-05-31Overview of container image scan
    ContainerUpdatedRisk detection results of a single image can be exported.Ultimate2024-05-31Manage container assets
    PurchaseUpdatedWhen you purchase Security Center with the subscription billing method, the Protected Servers and Cores parameters can be specified based on your requirements. After purchase, you can manage the quotas.Anti-virus, Advanced, Enterprise, and Ultimate2024-05-30Manage host and container security quotas
    AlertsUpdatedThe Suspicious process - Suspicious command alert is renamed Suspicious process - Suspicious probe command.Anti-virus, Advanced, Enterprise, and Ultimate2024-05-22Overview of alerts
    Application ProtectionUpdatedThe attack alert details panel text is optimized.Editions with application protection purchased2024-05-15Handle attack alerts
    Malicious File DetectionUpdatedThe maximum file size for Malicious File Detection is increased from 20 MB to 100 MB.Editions with Malicious File Detection purchased2024-05-14Malicious file detection
    Configuration AssessmentUpdated
    • The number of free check items is increased from 25 to more than 60 in Security Center Basic.
    • These check items do not consume your purchased quota.
    		Editions with configuration assessment purchased or enabled (pay-as-you-go)2024-05-11Overview of configuration assessment
    Agentic SOCUpdatedThe time picker and filter conditions on the Security Incident page are optimized.Editions with Agentic SOC enabled2024-05-09Security incident response

    April 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Agentic SOCUpdated
    • Tiered pricing is used for log data added to Agentic SOC. You are charged based on the size of logs delivered for hot storage.
    • Agentic SOC decouples analysis and handling capabilities (alerting, security event handling, SOAR) from log storage, allowing you to choose whether to purchase log storage capacity.
    • A global administrator account can be configured to manage all security events in multiple Alibaba Cloud accounts centrally.
    		Editions with Agentic SOC enabled2024-04-26[Notice] Billing rules of Agentic SOC are changed
    Application ProtectionNewAdded the in-memory webshell prevention feature to detect threats hidden in memory.Editions with application protection enabled2024-04-17Use the in-memory webshell prevention feature
    Configuration AssessmentUpdatedQuick fixing is provided for more than 50 check items.Editions with configuration assessment purchased or enabled (pay-as-you-go)2024-04-17Set and run check policies
    Anti-ransomware (Bait Capture)UpdatedLinux servers are supported.Advanced, Enterprise, and Ultimate2024-04-17Enable features on the Host Protection Settings tab
    Baseline CheckUpdatedThe baseline type of Center for Internet Security (CIS) compliance is renamed internationally agreed best practices for security.Advanced, Enterprise, and Ultimate2024-04-11Baseline check
    Malicious File DetectionUpdatedFile packages can be decompressed for malicious file detection.Editions with Malicious File Detection enabled2024-04-11Malicious file detection
    Agentic SOC - Log ManagementNew
    • The Log Search page is renamed Log Management.
    • The log search capability is renamed hot data.
    • Cold data storage is added to provide storage capabilities at lower costs.
    		Editions with Agentic SOC enabled2024-04-02Manage logs
    Configuration AssessmentUpdatedIn the Security Center console, accounts on the China site (aliyun.com) can perform RAM-related checks only on assets in China regions, and accounts on the international site (alibabacloud.com) can perform RAM-related checks only on assets in regions outside China. Historical scan results are retained in the regions of the assets.Editions with configuration assessment purchased or enabled (pay-as-you-go)2024-04-01[Configuration assessment] RAM-related check items are supported only in the regions where Alibaba Cloud accounts are created

    March 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Agentic SOCUpdatedThe threat analysis feature is renamed Agentic SOC.Editions with Agentic SOC enabled2024-03-29Agentic SOC overview
    Container File ProtectionUpdatedA process whitelist and a file path whitelist can be configured when creating a rule for container file protection.Ultimate2024-03-19Use the container file protection feature
    Malicious File DetectionUpdatedAdware, cracking programs, and private game servers can be detected.Editions with Malicious File Detection enabled2024-03-01Malicious file detection

    February 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Core File MonitoringUpdatedDingTalk chatbot alert notifications are supported for core file monitoring.Enterprise and Ultimate2024-02-23Notification settings
    Baseline CheckUpdatedCustom weak password rules can be added to existing weak password rules.Advanced, Enterprise, and Ultimate2024-02-22Baseline check
    Application ProtectionUpdated
    • Protection policy groups can be configured to manage check types and detection modes (standard, loose, and strict).
    • The whitelist entry point is added on the Application Protection > Attack Alerts tab.
    		Editions with application protection enabled2024-02-22Enable application protection
    Configuration AssessmentUpdatedPay-as-you-go billing method is supported.All editions2024-02-19Overview of configuration assessment
    Agentless DetectionUpdatedAgentless detection is available for commercial use and is no longer free. If you enabled this feature free of charge, you can continue using it until the public preview ends on March 5, 2024. After that date, you must enable it with pay-as-you-go billing.All editions2024-02-02Public preview of agentless detection ends

    January 2024

    FeatureCategoryDescriptionAffected editionsRelease dateReferences
    Security ReportUpdatedThe Security Report page in the Security Center console is optimized.Advanced, Enterprise, and Ultimate2024-01-31Security reports
    OverviewUpdatedThe content of the security information module is optimized.All editions2024-01-29Overview page (old version)
    Risk GovernanceUpdatedThe risk management module is renamed risk governance.All editions2024-01-26None
    Configuration AssessmentUpdatedIf you do not purchase a quota for configuration assessment, 25 check items are provided free of charge.All editions2024-01-19Overview of configuration assessment
    Vulnerability ManagementUpdatedThe Show Only Exploitable Vulnerabilities feature is supported when you select Outside China as the asset region.All editions2024-01-05View and handle vulnerabilities

    Earlier release notes

    For release notes of Security Center earlier than 2024, see Release notes (before 2024).