Automatically discover and inventory AI assets in the cloud, and centrally govern their security risks (vulnerabilities, Internet exposure, configuration defects, and sensitive information leakage) across the entire lifecycle: development, deployment, and operation.
Function overview
Supported AI assets
AI component detection on servers
Training and inference engines: such as Ollama, vLLM, LM Studio, Xinference, and LLaMA Factory.
AI service applications: such as AI interfaces (open-webui), conversational services (NextChat), AI workflows (Dify), and image generation (ComfyUI and Stable Diffusion WebUI).
Infrastructure: such as vector databases (Milvus and Qdrant).
AI product detection in multicloud environments: Detects snapshots, images, serverless products, and AI cloud products (such as Lingjun and Visual Intelligence Platform). This covers AI products across multicloud environments, including Alibaba Cloud, Tencent Cloud, AWS, and Azure.
Asset categorization
AI workloads: including ECS instances, Lingjun instances, and Serverless.
AI image artifacts: including ECS images, ECS snapshots, and container images.
Development and training: Common platforms include the following:
Alibaba Cloud: PAI
Huawei Cloud: ModelArts
Tencent Cloud: TI-ONE
AWS: SageMaker
Azure: AzureAiService
Azure: AzureMachineLearning
AI services: including services from vendors such as DashScope and DeepSeek.
AI tools and components: including Ollama and LlamaIndex.
Supported AI asset risk detection
Detection capabilities and rule library
AI component vulnerabilities: Multiple vulnerability detection rules.
AI configuration compliance: Multiple configuration check items, covering security best practices for AI products.
AI key storage: Detects if keys are stored in plaintext.
AI component exposure analysis: Analyzes exposure from multiple dimensions.
Core risk detection dimensions
Vulnerability risks: Unauthorized access vulnerabilities in key components such as Stable Diffusion WebUI, Ollama, and ComfyUI.
Plaintext key storage: Detects plaintext storage of AI service keys such as OpenAI API keys and user credentials such as HuggingFace tokens.
Identity and permission risks: Security checks for configurations such as access control whitelists and member permissions.
Configuration risks: Checks for cloud product network access policies such as virtual private cloud (VPC) access, service operation protection, and custom service configurations for access within a VPC.
Exposure risks: Identifies AI assets on servers that are exposed to the Internet.
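A host-side illustration of the exposure dimension above, as an added example that is not Security Center's own detection logic: it parses `ss -ltnH` output and flags listeners on AI component ports that are not bound to loopback. The port map holds commonly documented defaults and is an assumption, as are the sample lines; a non-loopback bind is only a local signal, since Internet reachability also depends on security groups and network ACLs.

```python
import ipaddress

# Commonly documented default listening ports (assumption: deployments that
# changed the port will not match; extend the map for your environment).
AI_DEFAULT_PORTS = {
    11434: "Ollama",
    8188: "ComfyUI",
    7860: "Stable Diffusion WebUI",
    6333: "Qdrant",
    19530: "Milvus",
}

# Constructed sample of `ss -ltnH` output (State Recv-Q Send-Q Local Peer).
SAMPLE_SS = """\
LISTEN 0 4096 127.0.0.1:11434 0.0.0.0:*
LISTEN 0 128 0.0.0.0:8188 0.0.0.0:*
LISTEN 0 128 [::]:7860 [::]:*
LISTEN 0 511 10.0.3.15:6333 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 *:19530 *:*
"""

def classify_bind(host):
    """Return 'loopback', 'all-interfaces' or 'specific' for a bind address."""
    host = host.strip("[]").split("%")[0]   # drop IPv6 brackets and zone id
    if host == "*":
        return "all-interfaces"
    addr = ipaddress.ip_address(host)
    if addr.is_loopback:
        return "loopback"
    if addr.is_unspecified:
        return "all-interfaces"
    return "specific"

def find_exposed(ss_output):
    """List (component, port, bind, scope) for AI ports not bound to loopback."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        if not port.isdigit() or int(port) not in AI_DEFAULT_PORTS:
            continue
        scope = classify_bind(host)
        if scope != "loopback":
            findings.append((AI_DEFAULT_PORTS[int(port)], int(port), host, scope))
    return findings

if __name__ == "__main__":
    for component, port, host, scope in find_exposed(SAMPLE_SS):
        print(f"{component}: port {port} bound to {host} ({scope})")
```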
Sales and support information
The AI Asset feature does not require a separate purchase. Its availability depends on the authorization and activation of related Security Center security protection features. The details are as follows:
Subscription
Service/Edition | AI capability description | Related feature
Enterprise or Ultimate service | Detects AI component assets on servers. |
 | Detects related vulnerabilities in AI components. |
 | Identifies AI application components exposed to the Internet. |
Container Image Scan value-added service | |
CSPM value-added service | Integrates AI security best practices from major cloud vendors such as Alibaba Cloud, Azure, AWS, Tencent Cloud, and Huawei Cloud to provide automated detection of AI asset configuration risks. |
Pay-as-you-go
Service | AI capability description | Related feature menu
Host and Container Security (Important: The protection level attached to the server must be Host Protection or Host and Container Protection.) | Detects AI component assets on servers. |
 | Detects related vulnerabilities in AI components. |
 | Identifies AI application components exposed to the Internet. |
Agentless Detection | Provides agentless host detection capabilities, allowing comprehensive scanning of Elastic Compute Service (ECS) instances with deployed AI components without installing a client. The detection scope is as follows: |
CSPM paid service | CSPM integrates AI security best practices from major cloud vendors such as Alibaba Cloud, Azure, AWS, Tencent Cloud, and Huawei Cloud. It provides automated detection of AI asset configuration risks, comprehensively covering key security configuration items for artificial intelligence platforms (PAI), various AI services, and machine learning components. |
Serverless Asset Protection paid service | Serverless Asset Protection supports common threat alert detection, vulnerability scanning, and baseline risk checks for Serverless AI assets. |
Install the client
You must install the Security Center client to discover AI components, scan for AI application vulnerabilities, identify AI asset exposure risks, and perform container image scans. This installation is not required if you have enabled Agentless Detection. The installation methods are as follows:
Agentless Detection provides AI-powered component and application detection capabilities without requiring a client. For more information, see Agentless detection scan risks.
General installation method: For more information, see Install the client.
Installation during ECS purchase: When you purchase an Alibaba Cloud Elastic Compute Service (ECS) instance, the client is automatically installed if you keep the default Free Security Hardening option checked.

Sync AI assets
Automatic synchronization
The system automatically syncs and records AI assets and their associated risk information when you perform operations such as Asset Fingerprints investigation, host baseline checks, agentless detection, container image security scans, CSPM configuration checks, vulnerability scanning, or Serverless asset scans.
Only users of the Enterprise Edition or higher can use scheduled daily automatic synchronization.
Manual synchronization
In the Security Center console, go to Agent Security Center - AI Assets. In the upper-left corner of the page, select the region where the assets to be protected are located: Chinese Mainland or Outside Chinese Mainland.
On the Asset List tab, you can click Synchronize Assets.
Note: The synchronization process may take some time.
Asset and risk overview
The Overview tab displays AI assets and key risk information from various modules, including the following:
At-Risk AI Assets: Displays the total number of risky AI assets for the current account and their corresponding risk change trends.
AI Risk Asset Distribution: Displays the current AI asset categorization and the day-over-day quantity changes.
Top 5 AI Risk Configurations: Displays the top 5 risks from AI-SPM-related check items. Click a check item name to view details on the CSPM page.
Top 5 AI Vulnerabilities: Displays the top 5 AI component vulnerabilities from Vulnerability Management. Click a vulnerability name to view the vulnerability details page.
AI Asset Internet Exposure: Displays asset exposure analysis data. You can view exposure trends for the last 7 days, the last 30 days, or a custom period.
Top 5 Keys Stored in Plaintext: Displays the top 5 AI key plaintext storage risks discovered through agentless detection.
View AI asset list and risks
Go to the Asset List tab.
In the asset list, check the Risky Assets / Total Assets column. If the number of risky assets is greater than 0, click View in the Actions column.
On the asset details page, click View in the Actions column for a target asset to see its details and risks. Common asset risks and their handling are described below:
Note: The information displayed in the console prevails.
Vulnerability Details: View and handle the AI application vulnerabilities detected on the current asset. This section also displays associated urgent vulnerabilities, Linux software vulnerabilities, and Windows system vulnerabilities.
Warning: AI application vulnerabilities must be fixed manually. One-click fixes are not supported in the console.
Fixing vulnerabilities may affect your services. Create a server snapshot or image backup before you proceed. For more information, see View and handle vulnerabilities.
Alert: View and handle alerts detected for the AI asset. For more information, see Evaluate and handle security alerts.
Agentless Detection: View and handle vulnerability risks, baseline risks, malicious samples, and sensitive file information found by agentless scans. For more information, see Agentless Detection.
CSPM: View and handle risks identified by configuration checks. For more information, see Set and run check policies and View and handle failed check items.
Key: View risks related to AI API keys stored in plaintext, as detected by agentless detection and container image scans.
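To show what a plaintext key finding looks like in practice, the following added example (not Security Center's rule set) scans text for OpenAI-style and Hugging Face-style credentials, drops low-entropy placeholders, and reports only redacted values. The prefix patterns, the entropy threshold, the file name `app.env`, and the sample content are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter

# Prefix heuristics (assumption): OpenAI API keys begin with "sk-" and Hugging
# Face access tokens begin with "hf_"; the minimum lengths are lower bounds.
PATTERNS = {
    "openai_api_key": re.compile(r"\bsk-[A-Za-z0-9_-]{20,}"),
    "huggingface_token": re.compile(r"\bhf_[A-Za-z0-9]{30,}"),
}
MIN_ENTROPY = 3.0  # bits per character; drops placeholders such as sk-xxxx...

# Constructed sample file content; none of these values is a real credential.
SAMPLE_ENV = """\
OPENAI_API_KEY=sk-Constructed0Example1Key2For3Docs4Only5
HF_TOKEN=hf_ConstructedExampleTokenForDocsOnly0123
OPENAI_API_KEY=sk-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
OPENAI_API_KEY=${OPENAI_API_KEY}
"""

def shannon_entropy(text):
    """Shannon entropy of the string in bits per character."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def redact(secret):
    """Keep enough of the value to locate it, never the whole secret."""
    return secret[:6] + "..." + secret[-2:]

def scan_text(name, text):
    """Return (file, line number, key type, redacted value) per finding."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in PATTERNS.items():
            for match in pattern.finditer(line):
                token = match.group()
                # Score only the part after the 3-character prefix.
                if shannon_entropy(token[3:]) >= MIN_ENTROPY:
                    findings.append((name, lineno, kind, redact(token)))
    return findings

if __name__ == "__main__":
    for finding in scan_text("app.env", SAMPLE_ENV):
        print(finding)
```

The placeholder on line 3 and the environment-variable reference on line 4 of the sample produce no finding, which is the behaviour you want before wiring such a check into a pre-commit hook or image build.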
Billing information
AI asset discovery: Security Center automatically discovers and tags AI assets. This process does not incur additional fees.
Risk detection billing: Fees for risk detection and management are based on the Security Center features that you use and their respective billing rules. For more information, see Billing information.
Application vulnerability: Contributes to the authorization count for host security protection.
AI configuration risk checks: Billing is based on the number of authorized assets for Cloud Security Posture Management (CSPM).
Image security scan: Billing is based on the number of authorized scans or the number of scans performed.
Agentless detection: Billing is based on the scanned capacity (in GB) for agentless detection.