This topic describes the release notes for Security Center and provides links to the relevant references.
October 2023
Feature | Category | Description | Involved edition | Release date | References |
Threat analysis - Service integration | Feature iteration | Alert logs of Tencent Cloud Web Application Firewall (WAF) and Cloud Firewall (CFW), and Huawei Cloud WAF and CFW can be added to threat analysis for centralized management. | Value-added service | 2023-10-30 | |
Alerts | New feature | The capability of large model analysis is supported to perform online analysis and describe alerts. This helps you understand the risks of assets. | Anti-virus, Advanced, Enterprise, and Ultimate | 2023-10-27 | |
Security score | Feature iteration | A deduction item is added to the deduction module named Key function configure of the security score feature. The deduction item is used to check whether users who purchase the quota for application protection create application groups. | Value-added service | 2023-10-25 | |
Image scan | Feature iteration | The alerts that are generated for scans of sensitive image files can be handled. | Ultimate | 2023-10-20 | |
Threat analysis - Log search | Feature iteration |
| Value-added service | 2023-10-19 | |
Threat analysis | Feature iteration | The threat analysis configurations and cloud service security logs that are generated in data management centers (China and Outside China) can be separately stored and managed to meet compliance requirements. | Value-added service | 2023-10-18 | |
Application protection | New feature | The weakness analysis feature is supported. The feature supports detection of weak configurations during application runtime and helps identify weaknesses that can be exploited by attackers. | Value-added service | 2023-10-18 | |
Non-image program defense | Feature iteration | Custom rules can be created for the feature of non-image program defense. | Ultimate | 2023-10-10 |
September 2023
Feature | Category | Description | Involved edition | Release date | References |
Baseline check | Feature iteration | The baselines against the Center for Internet Security (CIS) benchmark are supported for the baseline check feature. The baselines are suitable for the master node and worker nodes in a Kubernetes cluster. | Ultimate | 2023-09-30 | |
Configuration assessment | Feature iteration | The configuration assessment feature is updated to detect configuration risks of cloud services deployed on third-party cloud service platforms, including Tencent Cloud and Amazon Web Services (AWS). | Value-added service | 2023-09-25 | |
Baseline check | Feature iteration | The baselines against the Center for Internet Security (CIS) benchmark are supported when containerd is used. The baselines are suitable for Alibaba Cloud Container Service for Kubernetes (ACK) pods and Kubernetes pods. | Ultimate | 2023-09-28 | |
Log analysis | Feature iteration | in and out fields are added to network session logs to identify the data transmission direction of a network session. | Value-added service | 2023-09-21 | |
Security score | Feature iteration | A deduction item is added to the deduction module named Key function configure of the security score feature. The deduction item is used to detect threats of containers. | Ultimate | 2023-09-20 | |
Protection mode management | Feature iteration | The protection mode management is split into the features of alert settings and client resource management. | All editions | 2023-09-13 | |
Container escape prevention | Feature iteration | System rules and custom rules are supported by the container escape prevention feature. | Ultimate | 2023-09-08 |
August 2023
Feature | Category | Description | Involved edition | Release date | References |
Threat analysis - Security Orchestration Automation Response (SOAR) | Feature iteration | The Alert Trigger mode is added to automatic response rules. This way, the system can automatically run playbooks to perform operations on the alert-triggering objects, such as blocking IP addresses, quarantining files, and detecting and removing processes. | Value-added service | 2023-08-28 | |
Vulnerability fixing | Feature iteration | New error codes about vulnerability fixing failures are added. The error codes are 127 and 8080. | Anti-virus, Advanced, Enterprise, and Ultimate | 2023-08-24 | |
Agentless detection | New feature |
| Advanced, Enterprise, and Ultimate | 2023-08-22 | |
Alerts | Feature iteration | Alerts that are generated for malicious network activities are no longer supported in Security Center. This helps improve detection capabilities. | Anti-virus, Advanced, Enterprise, and Ultimate | 2023-08-18 | |
Notification | New feature | The notifications of running anti-ransomware backup tasks or restoration tasks can be sent. | Anti-virus, Advanced, Enterprise, Ultimate, and Value-added Plan in which the anti-ransomware capacity is purchased | 2023-08-14 | |
Non-image program defense | Feature iteration | The untrusted process defense feature is renamed non-image program defense. | Ultimate | 2023-08-11 | |
Manage ECS instances across accounts | Discontinued feature | Elastic Compute Service (ECS) instances can no longer be managed as external hosts. If you install the Security Center agent on an ECS instance that belongs to a different Alibaba Cloud account by using installation commands and add the ECS instance to Security Center for protection, the ECS instance is considered an external host managed by Security Center. If you want to manage ECS instances that belong to different Alibaba Cloud accounts, use the multi-account management feature. | All editions | 2023-08-10 | |
Threat analysis | Feature iteration | The logs of the configuration assessment feature of Security Center can be added to threat analysis for analysis and query. | All editions | 2023-08-02 | |
Anti-ransomware | Feature iteration | The Internet and private networks are supported when you configure protection policies for servers that are not deployed on Alibaba Cloud. | Value-added service | 2023-08-02 | |
Terraform | New feature | Security Center can be activated by using Terraform. | All editions | 2023-08-01 |
July 2023
Feature | Category | Description | Involved edition | Release date | References |
Alerting | Feature iteration | Cloud threat detection is available in Security Center Basic. Users of the Basic, Anti-virus, and Advanced editions can view the details of cloud threat detection. | Basic, Anti-virus, and Advanced | 2023-07-31 | |
Anti-ransomware | Feature iteration | The following regions are newly supported by anti-ransomware: Singapore, Philippines (Manila), and SAU (Riyadh). | Anti-virus, Advanced, Enterprise, Ultimate, and Value-added Plan in which the anti-ransomware capacity is purchased | 2023-07-25 | |
Notification | New feature | Notifications of excessive anti-ransomware capacity can be sent. | Anti-virus, Advanced, Enterprise, Ultimate, and Value-added Plan in which the anti-ransomware capacity is purchased | 2023-07-21 | |
SDK for malicious file detection | New feature | SDK for malicious file detection is released. The feature is developed based on various threat detection engines of Security Center. The feature provides easy-to-use malicious file detection and Object Storage Service (OSS) object detection that can help you identify malicious objects. | Anti-virus, Advanced, Enterprise, Ultimate, and Value-added Plan in which the quota on SDK for malicious file detection is purchased | 2023-07-20 | |
Threat analysis - Disposal center | New feature | The disposal center is provided by the threat analysis feature to display event handling policies and tasks by event. This helps you view event handling details in a centralized manner. | Value-added service | 2023-07-19 | |
Vulnerabilities | Feature iteration | The feature is supported for Anti-virus and Value-added Plan editions. You must purchase the quota for vulnerability fixing before you can use the vulnerability fixing feature. | Anti-virus and Value-added Plan | 2023-07-18 | |
Application protection | Feature iteration | The application protection feature is available for commercial use and can no longer be enabled free of charge. If you have enabled the feature free of charge, you can continue using it until the public preview ends on August 17, 2023. | Advanced, Enterprise, and Ultimate | 2023-07-18 | |
Service | Feature iteration | The service name is changed to Security Center. | All editions | 2023-07-15 | |
Agent | Feature iteration | The supported operating systems of the Security Center agent and the supported operating systems of the client protection feature are updated. | All editions | 2023-07-14 | |
Application protection | New feature | The Application Analysis tab is added. You can view statistics of application protection on this tab, including analysis results of application behavior in the last seven days and application access statistics. | Advanced, Enterprise, and Ultimate | 2023-07-14 | |
Detection of AccessKey pair leaks | Feature iteration | The triggering of alerts on AccessKey pair leaks is optimized. Security Center sends an alert notification to you only when an AccessKey pair leak is detected and the AccessKey secret is valid. | All editions | 2023-07-14 | |
Agentless detection | Feature iteration |
| Advanced, Enterprise, and Ultimate | 2023-07-14 | |
Installation of Security Center agent | Feature iteration | The installation commands for Windows servers are optimized. Installation commands for Command Prompt and PowerShell are provided for Windows servers. | All editions | 2023-07-14 | |
Configuration assessment | Feature iteration | Check items can be customized. You are charged based on the number of times that each check item is used. | All editions | 2023-07-13 |
June 2023
Feature | Category | Description | Involved edition | Release date | References |
Security score | Feature iteration | The security score feature is optimized. Security Center allows you to customize penalty points for each deduction module based on your business requirements. | All editions | 2023-06-30 | |
Exposure analysis | New feature | The exposure analysis feature is provided to identify the clusters that are exposed on the Internet. | Ultimate | 2023-06-28 | |
Anti-ransomware | Feature iteration | The entry point to backup tasks is provided. You can view the details of backup tasks and the error messages of failed backup tasks. | All editions | 2023-06-20 | Troubleshoot the issues that cause the abnormal status of the anti-ransomware agent and backup tasks |
Overview | Feature iteration | The Overview tab of the Overview page is optimized. You can view the information about Security Center, such as the agent installation rate, agent online rate, and distribution of servers by operating system. | All editions | 2023-06-08 | |
Alerts | Feature iteration | Remarks can be entered when you handle alerts. This helps you manage the handled alerts. | All editions | 2023-06-08 |
May 2023
Feature | Category | Description | Involved edition | Release date | References |
Application protection | Feature iteration | The process of automatic access is optimized. The Select Asset dialog box is added, which allows you to add assets for application protection by using the automatic access method in an easier manner. | Advanced, Enterprise, and Ultimate | 2023-05-31 | |
Downgrade | Feature iteration | The value of the Protected Servers or vCore parameter can be decreased when you downgrade Security Center. | Anti-virus, Advanced, Enterprise, and Ultimate | 2023-05-25 | |
Container asset overview | Feature iteration | The container network topology feature is renamed the container asset overview feature. | Ultimate | 2023-05-11 | |
SOAR | New feature | SOAR is launched. SOAR is a comprehensive security solution in which different systems and services are orchestrated and connected based on specific logic. This solution supports automated orchestration and quick response during security O&M. | Anti-virus, Advanced, Enterprise, Ultimate, and Value-added Plan in which the threat analysis feature is purchased | 2023-05-10 | |
Virus blocking | Feature iteration | The virus blocking feature is renamed the malicious behavior defense feature. | Anti-virus, Advanced, Enterprise, and Ultimate | 2023-05-05 | |
Proactive defense for containers | Feature iteration | Alert events that are generated by the feature of proactive defense for containers are moved to the Alerts page. The container escape prevention feature and the untrusted process defense feature are integrated and moved to the Proactive Defense for Containers page. | Ultimate | 2023-05-05 |
April 2023
Feature | Category | Description | Involved edition | Release date | References |
Application protection | New feature | The application protection feature is released. The Java processes of servers and containers can be added to the application protection feature by using the automatic access method. If you use the automatic access method, you do not need to restart the processes. This helps ensure business continuity. | Advanced, Enterprise, and Ultimate | 2023-04-23 | |
Vulnerabilities | Feature iteration | The issues that cause vulnerability fixing failures are displayed in the Security Center console. The "Troubleshoot the issues that cause vulnerability fixing failures" topic is also provided. You can handle vulnerability fixing failures based on the topic. | Advanced, Enterprise, and Ultimate | 2023-04-20 | Troubleshoot the issues that cause vulnerability fixing failures |
Security score | Feature iteration | The deduction items for the security score are optimized. The maximum penalty point of each module is also limited. | All editions | 2023-04-20 | |
Threat analysis | New feature | The threat analysis feature is released. The feature collects the security logs and alerts of multiple Alibaba Cloud accounts and cloud services. Then, the feature aggregates and analyzes the logs and alerts based on built-in threat detection rules to detect unknown threats. The feature also allows you to configure custom rules. | Anti-virus, Advanced, Enterprise, Ultimate, and Value-added Plan in which the threat analysis feature is purchased | 2023-04-18 | |
Container file protection | New feature | The container file protection feature is released. The feature monitors directories and files in containers in real time, and generates alerts or intercepts tampering operations when the directories or files are tampered with. This prevents applications from being inserted with illegal information or malicious code. | Ultimate | 2023-04-13 | |
Virus detection and removal | Feature iteration | The antivirus feature is renamed the virus detection and removal feature. The custom directory scan feature is also released. | Anti-virus, Advanced, Enterprise, and Ultimate | 2023-04-07 |
March 2023
Feature | Category | Description | Involved edition | Release date | References |
Multi-cloud configuration management | New feature | Microsoft Azure virtual machines can be added to Security Center for protection. | All editions | 2023-03-31 | |
Multi-account management | Feature iteration |
| Anti-virus, Advanced, Enterprise, and Ultimate | 2023-03-31 | |
Log analysis | New feature | Configuration assessment logs are supported. | Anti-virus, Advanced, Enterprise, and Ultimate | 2023-03-28 | |
Proxy access | Feature iteration | The proxy access feature is optimized. You can add servers to Security Center by configuring proxy servers. | All editions | 2023-03-22 | |
Host-specific rule management | Feature iteration | The entry points to specific modules are removed to the page. The modules are malicious behavior defense, defense against brute-force attacks, and approved logon management. The approved logon management module allows you to configure approved logon locations, approved logon IP addresses, approved logon time ranges, and approved logon accounts. | All editions | 2023-03-17 | |
Multi-account management | Feature iteration | The multi-account management feature is optimized. You can use the management account of your resource directory or a delegated administrator account to switch between the members in your resource directory and view data in Security Center console of different members. | All editions | 2023-03-15 | |
Service-linked role for Security Center | New feature | The AliyunServiceRoleForSasRd service-linked role is added. The role allows the delegated administrator accounts of Security Center to log on to the Security Center console of the members in the resource directory to which the delegated administrator accounts belong. This applies when the multi-account management feature is enabled. | All editions | 2023-03-15 | |
Untrusted process defense | New feature | The untrusted process defense feature is released. The feature can detect and block the startup of programs that are not included in the images of your containers during the running of the containers. This helps defend against malicious software intrusion. | Ultimate | 2023-03-10 |
February 2023
Feature | Category | Description | Involved edition | Release date | References |
Configuration assessment | Feature iteration | Security Center allows you to modify the configurations of specific check items, such as OSS Bucket Immobilizer Configuration, Idle user cleaning, and Password_validity. | All editions | 2023-02-22 | |
Agentless detection | Feature iteration | The agentless detection feature can check data disks of Elastic Compute Service (ECS) instances. | Advanced, Enterprise, and Ultimate | 2023-02-07 | |
Application protection | New feature | The application protection feature is upgraded. You can configure a whitelist to allow specific access requests. | Advanced, Enterprise, and Ultimate | 2023-02-03 | |
New feature | The QR code of the DingTalk group for the application protection feature is provided on the Application Protection page in the Security Center console. The DingTalk group is numbered 24655011781. You can scan the QR code to join the DingTalk group to obtain technical support for the following scenarios: configure the application protection feature, enable the application protection feature for an application, and use the feature. | Advanced, Enterprise, and Ultimate | 2023-02-01 |
January 2023
Feature | Category | Description | Involved edition | Release date | References |
Web tamper proofing | Feature iteration | Web tamper proofing is supported for Anolis OS 8.6 RHCK and Anolis OS 8.6 ANCK. | Anti-virus, Advanced, Enterprise, and Ultimate | 2023-01-06 | |
Security Center release | New feature | Security Center can be released with a few clicks after it expires. You can repurchase Security Center and select specifications based on your business requirements. | Anti-virus, Advanced, Enterprise, and Ultimate | 2023-01-05 | None |
Security Center release notes
For more information about the release notes of Security Center earlier than 2023, see Release notes (earlier than 2023).