Security Center

Original Name: Threat Detection Service. Unified Solution for Server Protection and Security Operation Center

Security Center is a flagship security product that integrates both Server Guard and Threat Detection Service. It is a unified security management system that recognizes, analyzes, and alerts of security threats in real-time. With security capabilities such as ransomware protection, anti-virus protection, web tamper protection, and compliance assessments, users can automate security operations, responses, and threat tracing to secure cloud and local servers and meet regulatory compliance requirements.


Event Alerts and Log Query
Monitors security events in real time and provides resolutions, analyzes alerts, and queries alert details from logs.
Raw Log Storage and Query
The Enterprise Edition allows customized queries and analysis of logs within the last 180 days.
Risk Quantification and Prediction
Provides quantified threat analysis and risk prediction based on machine learning.
Easy-to-use User Interface
The Enterprise Edition provides an easy-to-use user interface, allowing you to understand the security situation in real time.


Security Monitoring

Provides security monitoring results within seconds

Reduces the amount of false alarms, using correlation analysis of networks and hosts. This is one of the biggest concerns of enterprise security personnel.

Monitors enterprise system vulnerabilities, listener ports, intrusions, web attacks, and DDoS attacks, and learns about new threats and opinions on enterprise security.

Intrusion Detection

Precise webshell and virus detection

Detects intrusions by modelling and analyzing data such as traffic data, host activity data, and host operation logs. Detects with an accuracy of up to 99.99%.

Quickly and accurately detects the cause of network security status changes based on large amounts of data.

Vulnerability Analysis

Detects web vulnerabilities, host vulnerabilities, configuration risks, and weak passwords.

Detects vulnerabilities in real time, including web vulnerabilities, such as SQL injection and XSS vulnerabilities, third-party open-source software vulnerabilities, ECS instance vulnerabilities, and system configuration vulnerabilities.

Detects vulnerabilities in real time to enable quick vulnerability fixes.


Provides 10 screens to display visualized security reports.

Visualizes accesses to your system and attacks from across the globe.

Allows you to report the overall security situation to colleagues and business visitors.

Threat Analysis

Data modelling by Alibaba Cloud Security engineers enables professional security analysis based on big data.

Alibaba Cloud Security engineers analyze all possible threats to your system offline using data models that are built through big data analysis.

Identifies attackers and sends attack alerts, allowing you to block all attacks.

Log Analysis

Allows the enterprise security personnel to customize threat analysis models based on their own business needs and logs.

Allows you to export a large number of logs for correlation and analysis.

Provides Petabyte-level data storage and analysis, enabling more intelligent security management in the age of digital technology.

Detects attacks by analyzing the network logs, automatically responds to security events, and identifies unusual activities.


  • Is my network secure?
  • What are the impacts of DDoS attacks on my system?
  • Who is attacking my system?
  • How do I manage the system security?
Are there any vulnerabilities in my system?

Are there any vulnerabilities in my system?

Many websites have critical vulnerabilities. You can use TDS to detect the vulnerabilities on your ECS instances.

TDS detects common web vulnerabilities, third-party open-source software vulnerabilities, host OS software vulnerabilities, and critical vulnerabilities known only to a small number of attackers, and sends you early-warning alerts and fixes for these vulnerabilities.

Related Products and Services

Is my network secure?

Is my network secure?

If large traffic fluctuations have been detected on your network, you can use TDS to detect and analyze threats on your system.

TDS can distinguish attackers from harmless scriptwriters by using big data modelling and analysis, allowing you to identify threats on your system. TDS also assesses protection policies to ensure effective protection.

Related Products and Services

What are the impacts of DDoS attacks on my system?

What are the impacts of DDoS attacks on my system?

If your ECS instances have encountered DDoS attacks, you can use TDS to find the affected instances and orders. 

By monitoring all traffic in your business, TDS detects DDoS attacks within seconds, provides detailed information such as the malicious traffic components, scrubbed traffic volume, and attack time, and analyzes the impacts of the attacks. 

Related Products and Services

Who is attacking my system?

Who is attacking my system?

You can use TDS to determine whether the attacker is a competitor, a malicious hacker, or an employee.

TDS identifies and traces intrusions, enabling automatic intrusion evidence recording. 

Related Products and Services

How do I manage the system security?

How do I manage the system security?

Maintenance engineers can use TDS to maintain the system security, perform baseline checks, and detect the latest vulnerabilities.

You can prevent intrusions only with a thorough understanding of the vulnerabilities that may be exploited by attackers. TDS allows comprehensive protection by managing the system security at the network layer, host layer, and application layer.

Related Products and Services