Security Center displays the security operations information about your cloud assets, which can help you monitor the security of your cloud assets. The information includes the status of the cloud assets, security evaluation results, and real-time monitoring and alerting data on various security events. This topic describes how to view the security overview in the Security Center console.
The Overview page displays the security data of cloud assets from various dimensions, including the security score, security risk overview, security operations trend, and asset information overview. Security Center also provides entry points to upgrade, renewal, and asset quota increase. This allows you to manage cloud assets in a centralized manner.
Log on to the Security Center console . The Overview page appears by default. You can click the Overview tab to view the security information about your cloud assets.
Secure Score (marked 1 in the preceding figure)
Secure score displays the security score of your assets. The security score is calculated based on the deduction items such as alerts and configuration risks. The security score ranges from 0 to 100. A higher score indicates fewer risks in your assets. The following list describes how the security score is calculated:
To improve the security of your cloud assets, you must handle alerts at the earliest opportunity. This helps improve the security score. For more information, see Improve the security score.
Edition overview (marked 2 in the preceding figure)
This section displays the edition of your Security Center, the expiration time of your Security Center, and the statistics of protected assets. You can perform the following operations in this section:
The data displayed on the Overview page varies based on the edition of Security Center.
Security risk (marked 3 in the preceding figure)
This section displays the statistics of security risks that are detected on your cloud assets.
Security Information (marked 4 in the preceding figure)
This section displays the latest information about vulnerabilities.
Security Operations Trend (marked 5 in the preceding figure)
This section displays the trends of the numbers of alerts, vulnerabilities, and baseline risks within a specific time range in a column chart.
This section also displays the trends of Newly Detected Risks and Handled Risks in the current day in a line chart. Risks that are ignored, handled, or added to a whitelist are considered handled risks.
Help Center (marked 6 in the preceding figure)
This section displays the links to Security Center documentation. You can click a link to view details.
Improve the security score
The risks of cloud assets are classified into the following levels based on the security score: High risk (below 69), Medium risk (70 to 84), Risks (85 to 94), and Security (95 to 100). We recommend that you handle risks and alerts at the earliest opportunity to improve the security score. This helps ensure the security of your cloud assets.
In the Secure Score section, click Process Now.
In the Security Risk panel, view the penalty point for each risk item. If you want to handle a risk item, you can click Process Now to the right of the risk item to go to the page on which you can view the risk item. You can handle the risk item based on the risk details or the solutions that are provided on the page.
The Security Risk panel displays the following types of risks that you must handle at the earliest opportunity:Note
The risks displayed in the panel vary based on the edition of Security Center because different editions support different features that are used to detect risks.
Configuration risks of core features: Create an anti-ransomware policy. For more information, see Anti-ransomware overview.
Unhandled alert events: Handle the alert events. For more information, see View and handle alert events.
Unfixed vulnerabilities: Fix the vulnerabilities. For more information, see View and handle vulnerabilities.
Baseline risks: Handle the baseline risks. For more information, see Baseline check.
AccessKey pair leaks: Handle the leak events on AccessKey pairs. For more information, see Detection of AccessKey pair leaks.
Configuration risks of cloud services: Handle the configuration risks of cloud services. For more information, see Configuration assessment.
Custom security score
By default, Security Center specifies a penalty point for each deduction item. You can customize the penalty points based on your business requirements.
In the upper-right corner of the Secure Score section, click Custom Security Score.
In the Custom Security Score panel, specify a penalty point for each deduction item and click OK.
The security score feature supports deduction modules such as Key function configure, Unhandled Alerts, and Unfixed Vul. The deduction threshold of each deduction module ranges from 0 to 100. The sum of the deduction thresholds of all deduction modules cannot exceed 100.
Each deduction module contains different deduction items. The penalty point of each deduction item ranges from 0 to the deduction threshold of the deduction module to which the deduction item belongs.
If you have modified the security score settings, Restore to Default Settings is displayed in the Custom Security Score panel. You can click Restore to Default Settings to restore default settings.
How do I view the version of the virus library of Security Center?
The update time of the virus library that is displayed in the Security Center console indicates the version of the virus library. You can view the update time of the virus library on the Overview page.
Security Center dynamically updates the virus library and the characteristics of viruses in the virus library based on the analysis results of engines. The engines include lexical analysis engines, virus detection engines, machine learning engines, deep learning engines, big data-based threat detection engines, threat intelligence engines, and abnormal behavior analysis engines. We recommend that you use Security Center to scan for vulnerabilities and viruses on a regular basis to protect your servers from viruses. For more information, see Scan for vulnerabilities and Use the virus detection and removal feature.
After I install the Security Center agent on my ECS instances, will the virus library of Security Center be installed on the instances?
Security Center does not install the virus library on your Elastic Compute Service (ECS) instances or download the virus library to your ECS instances. The virus library is stored on and is updated by Security Center. Security Center updates the virus library in real time. Security Center checks whether your ECS instances are exposed to viruses based on the virus library.
What are the priorities to handle security events that I can access in the Secure Score section?
The following table describes the priorities to handle security events that you can access in the Security Score section. A smaller number indicates a higher priority. The number 1 indicates the highest priority.
Configure or enable core features.
Handle AccessKey pair leaks.
Handle configuration risks in cloud services.
Handle baseline risks.
Handle security alerts.
How does the vulnerability scan level affect the security score?
If you focus only on high- and medium-level vulnerabilities and ignore low-level vulnerabilities, you can exclude the low-level vulnerabilities from the scope of the security score.
To exclude low-level vulnerabilities from the scope of the security score, perform the following operations: Choose Scan for vulnerabilities.in the Security Center console. In the upper-right corner of the Vulnerability page, click Settings. In the Settings panel, configure the Vul scan level parameter. For more information, see
How does the baseline check level affect the security score?
If you focus only on high- and medium-level baseline checks and ignore low-level baseline checks, you can exclude the low-level baseline checks from the scope of the security score.
To exclude low-level baseline checks from the scope of the security score, perform the following operations: Choose Baseline check.in the Security Center console. In the upper-right corner of the Baseline Check page, click Manage Policies. In the Manage Policies panel, configure the Baseline level parameter. For more information, see