Billing description of features provided by Security Center - Security Center

To meet security protection requirements in different scenarios, Security Center provides basic protection features such as virus detection and removal and asset exposure analysis, and value-added features such as anti-ransomware and web tamper proofing. This topic describes the billing methods, billable items, and billing formulas of Security Center.

Billing methods

Subscription

Security Center supports the subscription billing method. Subscription is a billing method that allows you to pay in advance for the use of resources. This billing method allows you to reserve resources at discounted rates and reduce costs. Subscription is suitable for the following business scenarios:

The usage period of resources can be estimated.
The resource usage does not frequently fluctuate.
Long-term use of resources is required.

The billing cycle of a subscription resource is the subscription duration that you specify when you purchase the resource. The time is based on UTC+8. The billing cycle begins at the time when the subscription resource is purchased or renewed, and ends at 00:00:00 on the day after the expiration date. The start time and end time are accurate to seconds.

Pay-as-you-go

The vulnerability fixing, agentless detection, and configuration assessment features support the pay-as-you-go billing method. If you purchase a feature by using the pay-as-you-go billing method, you are charged based on the actual resource usage, and bills are generated on the next day.

Billable items

The fees of Security Center consist of basic service fees and value-added service fees.

Basic service fees: You are charged for the basic protection features provided by the current edition of Security Center, such as virus detection and removal, baseline check, proactive defense against container risks, and alerting. Each edition of Security Center supports different basic protection features. You can select an edition based on your business requirements. For more information about the features that are supported by each edition, see Functions and features.
Value-added service fees: You can purchase one or more value-added features when you purchase a specific edition of Security Center. You can also separately purchase value-added features. The value-added features include anti-ransomware, web tamper proofing, and cloud honeypot. You can separately purchase the vulnerability fixing, agentless detection, and configuration assessment features by using the pay-as-you-go billing method.

Billing formulas

Note

The Basic edition of Security Center is automatically activated for all Alibaba Cloud users. The Basic edition supports only basic protection features. If you need to use more protection features, you can purchase the following editions of Security Center: Anti-virus, Advanced, Enterprise, Ultimate, and Value-added Plan.

Edition	Billing formula
Anti-virus	Fee = (Value of the vCore parameter × Basic service fees + Fees of value-added features) × Subscription duration Note The vCore parameter specifies the total number of virtual CPUs (vCPUs) for servers that you want to protect.
Advanced	Fee = (Value of the Protected Servers parameter × Basic service fees + Fees of value-added features) × Subscription duration Note The Protected Servers parameter specifies the total number of assets that can be protected by Security Center. The assets include Alibaba Cloud Elastic Compute Service (ECS) instances and servers that are not deployed on Alibaba Cloud and on which the Security Center agent is installed.
Enterprise
Ultimate	Fee = (Value of the Protected Servers parameter × Basic service fees + Value of the vCore parameter × Basic service fees + Fees of value-added features) × Subscription duration
Value-added Plan	Fee = Fees of value-added features × Subscription duration
Pay-as-you-go	Fee = Consumed resources of a value-added feature × Unit price

Pricing

The billable items vary based on the edition of Security Center and the value-added features that you purchase. The prices in the following table are provided for reference only. For more information about the actual prices, go to the Security Center buy page.

Subscription billable items

Billable item		Anti-virus	Advanced	Enterprise	Ultimate	Value-added Plan
Basic service fees		USD 1 per core-month	USD 9.5 per server-month	USD 23.5 per server-month	USD 23.5 per server-month + USD 1 per core-month	N/A
Value-added service fees	Vulnerability fixing	USD 0.3 per fix-month (The minimum quota that you can purchase is 20.)	An unlimited quota is provided, and no additional fees are generated.			USD 0.3 per fix-month (The minimum quota that you can purchase is 20.)
	Application protection	You can purchase a larger quota at a lower unit price. Tier 1: If the quota is no greater than 50, the fee is USD 6 per process-month. Tier 2: If the quota is greater than 50 but no greater than 200, the fee is USD 4.5 per process-month. Tier 3: If the quota is greater than 200, the fee is USD 3 per process-month.
	Web tamper proofing	USD 165 per server-month
	Threat analysis and response	Log Data to Add: You are charged based on tiered pricing. The following list describes the unit price for each tier. X is the amount of log data that is added within one day. 0 GB < X ≤ 10 GB: USD 0.6 per GB-day 10 GB < X ≤ 50 GB: USD 0.48 per GB-day 50 GB < X ≤ 100 GB: USD 0.45 per GB-day 100 GB < X ≤ 9,999,999 GB: USD 0.42 per GB-day Log Storage Capacity: USD 0.1 per GB-month
	Anti-ransomware	USD 0.045 per GB-month
	Log analysis	USD 0.1 per GB-month				Not supported.
	Container image scan	Not supported.	USD 0.1 per image-month
	Cloud honeypot	USD 333.33 per probe-month (The minimum quota that you can purchase is 20.) Note You are charged for cloud honeypot based on the number of probes.
	Configuration assessment	Based on the consumed quota for configuration assessment (The total number of scans, verifications, and successful fixes for each check performed on an instance), a tiered pricing model is applied. The following list describes the specific pricing details (The minimum quota that you can purchase is 15,000, with increments of 55,000): Tier 1: If the quota is no greater than 100,000, the fee is USD 0.0009 per time. Tier 2: If the quota is greater than 100,000 but no greater than 500,000, the fee is USD 0.00069 per time. Tier 3: If the quota is greater than 500,000, the fee is USD 0.000625 per time. Note An instance refers to the instance of a specific network device or an application, such as an Object Storage Service (OSS) bucket or an ECS security group. For more information, see Overview of configuration assessment.
	SDK for malicious file detection	USD 1.5 per 10,000 detections-month (The minimum quota that you can purchase is 100,000.) Note You are charged based on the number of times that files are detected.
Subscription duration		Monthly or yearly subscription is supported.

Important

If you use Security Center Basic, you can purchase basic protection features or value-added features that are supported by other editions of Security Center. If you do not need to purchase basic protection features, you can purchase the Value-added Plan edition to separately purchase value-added features.
If you purchased the threat analysis and response feature before April 26, 2024, you are charged based on the original price of USD 0.44 per GB-month for log storage capacity.
On July 21, 2022, the basic service fees for Security Center Ultimate are changed from USD 3 per core-month to USD 23.5 per server-month + USD 1 per core-month.
If you purchased Security Center Ultimate before July 21, 2022, you are charged based on the original prices when you renew, upgrade, or downgrade Security Center.
Starting from July 21, 2022, you are charged the basic service fees for Security Center Ultimate in scenarios when you purchase Security Center Ultimate or upgrade Security Center to the Ultimate edition. Basic service fees = USD 23.5 per server-month + USD 1 per core-month.

Pay-as-you-go billable items

Vulnerability fixing: After you purchase the vulnerability fixing feature by using the pay-as-you-go billing method, you are charged USD 0.3 per fix by calendar day. For more information, see Purchase the vulnerability fixing feature.
Agentless detection: After you purchase the agentless detection feature by using the pay-as-you-go billing method, you are charged USD 0.03 per GB of scanned data by calendar day. For more information, see Use the agentless detection feature.
Configuration assessment: After you purchase the configuration assessment feature by using the pay-as-you-go billing method, you are charged based on the consumed quota for configuration assessment (including scan counts, verification counts, and successful fix counts) in the tiered pricing mode by calendar day. For more information, see Purchase and authorization.
Consumed quota for configuration assessment
Price (USD/time)
0~100,000
0.0009
100,001~500,000
0.0007
Greater than 500,000
0.00045

Overdue payments

For features that use the subscription billing method, no overdue payments can occur.

If you purchase the vulnerability fixing, agentless detection, or configuration assessment feature by using the pay-as-you-go billing method, overdue payments may occur. If the sum of the balance and vouchers in your Alibaba Cloud account is less than the payable amount, your bill is overdue.

If you have overdue payments, you can no longer use the vulnerability fixing, agentless detection, or configuration assessment feature. You can no longer perform operations that generate fees. For example, you can no longer purchase or renew Security Center, or upgrade Security Center specifications.

Refunding

For more information about refund policies, submit a ticket.

Security Center:Billing overview