Use the security check feature - Assets| Alibaba Cloud Documentation Center

On the Server(s) tab of the Assets page in the Security Center console, you can run security checks on a specific server to detect vulnerabilities, baseline risks, and webshells. You can also run security checks to collect asset fingerprints, such as information about ports, software, processes, accounts, and middleware. This topic describes how to run security checks on your servers.

Background information

Only the Anti-virus, Advanced, Enterprise, and Ultimate editions of Security Center support this feature. If you use the Basic edition, you must upgrade Security Center to the Anti-virus, Advanced, Enterprise, or Ultimate edition before you can use this feature. For more information about how to purchase and upgrade Security Center, see Purchase Security Center and Upgrade and downgrade Security Center. For more information about the features that each edition supports, see Features.

Notice If you run security checks on your server, Security Center detects vulnerabilities, baseline risks, and webshells, and collects asset fingerprints at the same time. In this case, the CPU utilization and memory usage of your server increase, which may affect your workloads. The security check may require 1 to 5 minutes. To prevent service interruptions, we recommend that you perform this operation during off-peak hours.

Procedure

Log on to the Security Center console.
In the left-side navigation pane, click Assets.
On the Assets page, click the Server(s) tab.
In the server list, select one or more servers on which you want to run security checks.
Click Security check below the server list.
In the Security Check dialog box, select check items.
Click OK to start the check.
In the message that appears, click OK.
The security check may require 1 to 5 minutes. You do not need to check again.

After the security check is complete, the results are displayed on the asset details page in the Security Center console.

What to do next

To view the check results, you can click the tab that corresponds to a specific check item.

For more information about the detection results of each vulnerability type, see the following topics:
For more information about the results of baseline checks, see View and manage baseline risks.
For more information about the results of webshell detection, see View and handle alert events.
For more information about asset fingerprints, such as information about ports, software, processes, accounts, and middleware, see View asset fingerprints.