You can configure the alert contacts of Security Center by adding security message recipients in the Message Center console. The default recipient is the contact that you specified when you created your Alibaba Cloud account. To enhance the security protection of individual and enterprise accounts and assets, you can add security message recipients in Message Center. The recipients can provide support for the security emergency management of cloud services, help monitor and manage risks, and detect and handle security risks at the earliest opportunity.
Step 1: Configure security message recipients in Message Center
After you add a security message recipient, the recipient can receive security notifications by using the specified notification methods such as emails and internal messages.
Log on to the Message Center console.
In the left-side navigation pane, choose .
On the Common Settings page, find Security message and select one or more types of security messages that you want to send to recipients.
NoteSecurity messages of the Security Notice type are used for multiple cloud services such as Security Center, Anti-DDoS, and Web Application Firewall (WAF). If you add a security message recipient for this type of security message, the recipient receives the security messages of all applicable cloud services.
For example, the recipient receives Security Center security messages such as security alerts, alerts generated by the web tamper proofing feature, alerts generated by the container firewall feature, and alerts generated for AccessKey pair leaks, Anti-DDoS security messages such as DDoS attack events on protected assets, and WAF security messages such as domain names without an Internet content provider (ICP) filing and security events that are labeled security control.
If you need a security message recipient to provide more emergency support, you can also add the recipient for security messages of the Notification on illegal operations and Account Security Alert types.
Notification on illegal operations: The system sends notifications on penalties for illegal operations that are performed by using Alibaba Cloud service resources.
Account Security Alert: The system sends alert notifications if the current Alibaba Cloud account and its Resource Access Management (RAM) users are exposed to security risks, such as AccessKey pair leaks.
In the lower part of the page, click Add Message Recipient.
In the Modify Contact dialog box, click Add Receiver. Enter the name and email address of the recipient, select the job title of the recipient, and then click OK.
Name: the name of the recipient. The name can contain letters and can be up to 20 characters in length.
Email: the email address that is used to receive messages.
Occupation: We recommend that you set this parameter to the job title of the recipient.
ImportantBefore a recipient can receive messages, you must verify the email address of the recipient. The system automatically sends a verification message to the specified email address. The recipient must complete the verification in time based on the instructions in the email.
In the Modify Contact dialog box, select one or more recipients and click Save.
Select the check boxes of one or more notification methods that you want to use. Internal messages and emails are supported.
In the Contact column, the names of new recipients are displayed, which indicates that the recipients are added. The configured security message recipients immediately take effect and can receive security messages of the specified types.
Step 2: Configure notification methods in Security Center
After you add security message recipients for security messages of the Security Notice type, you can also configure the notification method and frequency of a notification item in the Security Center console. For more information, see the Configure notification settings on the Email/Internal Message tab section of the "Configure notification settings" topic.
If you select only Internal Messages as the notification method for security messages of the Security Notice type in the Message Center console and select Internal Message and Email as the notification methods for the Baseline Check item in the Security Center console, security message recipients receive notifications only from internal messages. If security message recipients need to receive notifications from emails, you must also select Email as one of the notification methods for security messages of the Security Notice type in the Message Center console.
References
Security Center supports alert notification by using DingTalk chatbots. For more information, see the Configure notification settings on the DingTalk Chatbot tab section of the "Configure notification settings" topic.
Anti-DDoS supports alert notification by using CloudMonitor and Simple Log Service. You can configure filter conditions or custom conditions in alert notification settings. For more information, see Configure alert notifications for DDoS attack events.
WAF supports alert notification by using CloudMonitor and Simple Log Service. You can customize alert rules for security events and metrics. For more information, see Configure WAF alerting.