Security Center offers a range of security protection features to suit different scenarios, including basic features like virus detection and removal, asset exposure analysis, and value-added services such as anti-ransomware and web tamper proofing. This topic describes the billing methods, billable items, and billing formulas for Security Center.
Billing methods
Subscription
Security Center supports subscription billing, which allows resource usage only after payment. This method offers discounted rates for reserved resources, helping to reduce costs. Subscription billing is ideal for scenarios where:
Resource usage duration can be predicted.
Resource usage is relatively stable.
Long-term resource use is required.
The billing cycle for a subscription resource is the duration specified at purchase, based on UTC+8. It starts when the resource is bought or renewed and ends at 00:00:00 on the day following the expiration date, accurate to the second.
Pay-as-you-go
Features like host and container security, vulnerability fixing, and cloud threat detection and response (CTDR) are available with pay-as-you-go billing. Once enabled, bills are generated based on actual daily usage and issued the following day.
Billable items
The fees of Security Center consist of basic service fees and value-added service fees.
Basic service fees: You are charged for the basic protection features provided by the current edition of Security Center, such as virus detection and removal, baseline check, proactive defense against container risks, and alerting. Each edition of Security Center supports different basic protection features. You can select an edition based on your business requirements. For more information about the features that are supported by each edition, see Functions and features.
Value-added service fees: You can purchase one or more value-added features when you purchase a specific edition of Security Center. You can also separately purchase value-added features. The value-added features include anti-ransomware, web tamper proofing, and cloud honeypot. You can separately purchase the vulnerability fixing, agentless detection, and CSPM features by using the pay-as-you-go billing method.
Billing formulas
The Basic edition of Security Center is automatically activated for all Alibaba Cloud users. It offers limited detection capabilities without protection features. For enhanced detection and protection, you can purchase the following editions of Security Center: Anti-virus, Advanced, Enterprise, Ultimate, and Value-added Plan.
Edition | Billing formula |
Anti-virus | Fee = (Value of the Core parameter × Basic service fees + Fees of value-added features) × Subscription duration Note The Core parameter specifies the total number of virtual CPUs (vCPUs) for servers that you want to protect. |
Advanced | Fee = (Value of the Protected Servers parameter × Basic service fees + Fees of value-added features) × Subscription duration Note The Protected Servers parameter specifies the total number of assets that can be protected by Security Center. The assets include Alibaba Cloud Elastic Compute Service (ECS) instances and servers that are not deployed on Alibaba Cloud and on which the Security Center agent is installed. |
Enterprise | |
Ultimate | Fee = (Value of the Protected Servers parameter × Basic service fees + Value of the Core parameter × Basic service fees + Fees of value-added features) × Subscription duration |
Value-added Plan | Fee = Fees of value-added features × Subscription duration |
Pay-as-you-go | Fee = Consumed resources of a value-added feature × Unit price |
Pricing
The billable items vary based on the edition of Security Center and the value-added features that you purchase. The prices in the following table are provided for reference only. For more information about the actual prices, go to the Security Center buy page.
Subscription billable items
Billable item | Anti-virus | Advanced | Enterprise | Ultimate | Value-added Plan | |
Basic service fees | USD 1 per core-month | USD 9.5 per server-month | USD 23.5 per server-month | USD 23.5 per server-month + USD 1 per core-month | N/A | |
Value-added service fees | Vulnerability fixing | USD 0.3 per fix-month (The minimum quota that you can purchase is 20.) | An unlimited quota is provided, and no additional fees are generated. | USD 0.3 per fix-month (The minimum quota that you can purchase is 20.) | ||
Application protection | You can purchase a larger quota at a lower unit price.
| |||||
Web tamper proofing | USD 165 per server-month | |||||
Threat analysis and response |
| |||||
Anti-ransomware | USD 0.045 per GB-month | |||||
Log analysis | USD 0.1 per GB-month | Not supported. | ||||
Container image scan | Not supported. | USD 0.1 per image-month | ||||
Cloud honeypot | USD 333.33 per probe-month (The minimum quota that you can purchase is 20.) Note You are charged for cloud honeypot based on the number of probes. | |||||
CSPM | Based on the consumed quota for CSPM (The total number of scans, verifications, and successful fixes for each check performed on an instance), a tiered pricing model is applied. The following list describes the specific pricing details (The minimum quota that you can purchase is 15,000, with increments of 55,000):
Note An instance refers to the instance of a specific network device or an application, such as an Object Storage Service (OSS) bucket or an ECS security group. For more information, see Overview of CSPM. | |||||
SDK for malicious file detection | USD 1.5 per 10,000 detections-month (The minimum quota that you can purchase is 100,000.) Note You are charged based on the number of times that files are detected. | |||||
Subscription duration | Monthly or yearly subscription is supported. | |||||
If you use Security Center Basic, you can purchase the host and container security feature from any Security Center edition along with its supported features. If you don't need host and container security services, you can choose the Value-added Plan edition to purchase value-added features separately.
If you purchased the CTDR feature before April 26, 2024, you are charged based on the original price of USD 0.44 per GB-month for log storage capacity.
On July 21, 2022, the basic service fees for Security Center Ultimate are changed from USD 3 per core-month to USD 23.5 per server-month + USD 1 per core-month.
If you purchased Security Center Ultimate before July 21, 2022, you are charged based on the original prices when you renew, upgrade, or downgrade Security Center.
Starting from July 21, 2022, you are charged the basic service fees for Security Center Ultimate in scenarios when you purchase Security Center Ultimate or upgrade Security Center to the Ultimate edition. Basic service fees = USD 23.5 per server-month + USD 1 per core-month.
Pay-as-you-go billable items
Host and container security: Fees for host and container security accumulate based on the number of servers and protection duration when the agent is online, calculated in seconds and settled daily.
Edition
Price
Monthly fee (30-day reference price)
Anti-virus
USD 0.000000578 per core-second
USD 1.5 per core-month
Advanced
USD 0.000005497 per server-second
USD 14.25 per server-month
Enterprise
USD 0.000013599 per server-second
USD 35.25 per server-month
Ultimate
USD 0.000013599 per server-second + USD 0.000000578 per core-second
USD 35.25 per server-month + USD 1.5 per core-month
Vulnerability fixing: Enabling pay-as-you-go billing for vulnerability fixing incurs charges of USD 0.3 per fix daily. For more information, see Rules for calculating the number of fixed vulnerabilities.
CTDR: Pay-as-you-go billing for CTDR uses tiered cumulative billing based on daily log data added. The daily bill is the total of fees across each tier of log data added.
NoteThe minimum billing unit is 1 GB, with any log data addition under 1 GB billed as 1 GB.
Log data to add (GB/day)
Price (USD/GB)
Billing formula (Y is the data added within one day, in GB)
1~10
2.2
2.2 × Y (USD)
11~50
1.6
1.6 × (Y - 10) + 2.2 × 10 (USD)
51~100
1.4
1.4 × (Y - 50) + 1.6 × 40 + 2.2 × 10 (USD)
>100
1.2
1.2 × (Y - 100) + 1.4 × 50 + 1.6 × 40 + 2.2 × 10 (USD)
CSPM: Once you enable pay-as-you-go billing for cloud security posture management (CSPM) feature, billing accrues cumulatively in tiers based on the consumed quota for CSPM (scan counts + verification counts + successful fix counts) by calendar day. For more information, see Authorization and purchase.
Consumed quota for CSPM
Price (USD/quota)
Fee calculation formula (Z is the number of quotas used in one day)
0~100,000
0.0009
0.0009 × Z (USD)
100,001~500,000
0.0007
0.0007 × (Z - 100,000) + 0.0009 × 100,000 (USD)
Greater than 500,000
0.00045
0.00045 × (Z - 500,000) + 0.0007 × 400,000 + 0.0009 × 100,000 (USD)
Agentless detection: Enabling pay-as-you-go billing for agentless detection results in charges of USD 0.03 per GB daily. For more information, see Use the agentless detection feature.
Serverless asset protection: Once Serverless asset protection is enabled, you are charged 0.000003 USD per core-second daily. For more details, see Step 1: Purchase the serverless asset protection feature and complete authorization.
Overdue payments
With the subscription billing method, you won't be able to renew or upgrade your services if there is an overdue payment.
With the pay-as-you-go billing method, overdue billing may occur if your Alibaba Cloud account balance and vouchers are insufficient to cover the amount due. In such cases, you cannot use features like host and container security, vulnerability fixing, or CTDR, and you won't be able to perform fee-related operations like purchasing, renewing, or upgrading.
Refund policy
For details on the refund policy, please submit a ticket.