The Data Detection and Response value-added service of Data Security Center (DSC) helps detect data leaks from OSS and databases. To use this service, you must purchase sufficient OSS protection capacity and database instances. The service scans files in a destination bucket for the AccessKey pair (AK) of an Alibaba Cloud account or a Resource Access Management (RAM) user, and for database information such as an endpoint, a port number, an account, and a password. The service also detects risky behaviors, such as access to authorized buckets and files using leaked or abnormal AKs, and access to the corresponding databases using leaked database accounts. This topic describes the billing rules for and how to purchase the Detection and Response service.
Prerequisites
If you use a RAM user to enable the Detection and Response service, you must attach the AliyunBSSOrderAccess and AliyunBSSRefundAccess system access policies to the RAM user. These policies grant the permissions required to purchase, renew, and unsubscribe from DSC instances. You must also attach the AliyunYundunSDDPFullAccess system access policy to grant the permissions required to manage or access the DSC console. For more information, see Grant permissions to a RAM user.
Billing rules
The Detection and Response service is a subscription-based service. For more information about the billable items, billing rules, and free tier specifications, see Billing overview.
Purchase and enable the Detection and Response service
You can purchase the Detection and Response value-added service in the following scenarios.
Activate DSC for the first time and purchase a value-added service
Go to the Data Security Center buy page and log on to your Alibaba Cloud account.
Select an edition.
You can select Advanced Edition, Enterprise Edition, DB Audit (Classified Protection Compliance), or Value-added Plan. For more information about the editions, see Purchase DSC.
In the Value-added Module section, set Data Detection and Response to Enable.
After you enable the service, you receive 1 TB of OSS protection capacity and one database instance free of charge every month.
Select the amount of Data Detection and Response - OSS Protection Capacity (in TB) and the number of Data Detection and Response - Number of Database Instances that you want to purchase.
The price varies based on the protection capacity. For example, you can purchase the required OSS protection capacity based on the amount of OSS data that you need to protect, after you subtract the free 1 TB that is provided every month. For more information about the pricing of OSS protection capacity, see Billing overview.
Select a Duration.
Click Buy Now and complete the payment.
After you complete the purchase, if this is the first time you log on to the Data Security Center console, you are prompted on the Overview page to authorize DSC to access your cloud resources. After you grant the authorization, the DSC instance can access the resources of Alibaba Cloud services such as OSS and perform operations such as sensitive data scans and analysis on these resources.
For more information, see Authorize DSC to access cloud resources.
Upgrade to a value-added service after you purchase DSC
Log on to the Data Security Center console.
On the Overview page, click Upgrade.
On the Upgrade/Downgrade page, enable Data Detection and Response in the Value-added Module section and select the Data Detection and Response - OSS Protection Capacity and Data Detection and Response - Number of Database Instances.
The Detection and Response service requires the data audit service. You must also purchase a sufficient amount of Log Storage capacity.
Click Buy Now and complete the payment.
What to do next
After you enable the service and complete the authorization, you can follow the procedure in Data leak detection to promptly detect and handle related data breach threats.