:Release notes (earlier than 2024)

Feature

Category

Description

Involved edition

Release date

References

Container escape prevention

New feature

The feature of container escape prevention is released. The feature detects risky operations from multiple dimensions such as processes, files, and system calls, and establishes protection barriers between containers and hosts. The protection barriers effectively block escape behavior and ensure the runtime security of containers.

Ultimate

2022-12-22

Use container escape prevention

Image vulnerability whitelist

New feature

The feature of image vulnerability whitelist is released. You can create a whitelist for image vulnerabilities to exclude specific vulnerabilities that you do not want to detect.

Ultimate

2022-12-15

Scan images

Overview tab in the Assets module

Feature iteration

The Overview tab in the Assets module is optimized.

All editions

2022-12-14

View information on the Overview tab

Cloud sandbox check

New feature

The feature of cloud sandbox check is released. The feature provides an environment to safely run files in isolation and analyzes dynamic and static behavior data of the files. This way, you can run suspicious applications in a secure manner and detect suspicious behavior of files.

All editions

2022-12-14

View and handle alerts

Adaptive blocking rule for webshell communication

New feature

The detection model of the malicious behavior defense type can detect webshell communication. You can create an adaptive interception rule for webshell communication to detect suspicious webshell traffic after you run malicious files. This prevents attackers from exploiting suspicious traffic.

Enterprise and Ultimate

2022-12-13

View and handle alerts

Feature

Category

Description

Involved edition

Release date

References

Attack source analysis

New feature

Analysis reports on attacks from different source IP addresses and attacker profiles are provided.

Anti-virus, Advanced, Enterprise, and Ultimate

2022-11-30

View the source tracing results of attacks

Application protection

Feature iteration

The procedures of enabling application protection for applications and containers are optimized.

Advanced, Enterprise, and Ultimate

2022-11-30

Use the application protection feature

Agentless detection (in public preview)

New feature

The agentless detection feature is released. The feature adopts the agentless technology to detect security risks on Elastic Compute Service (ECS) instances, precluding the need to install the Security Center agent.

Advanced, Enterprise, and Ultimate

2022-11-30

Use the agentless detection feature

Configuration assessment

New feature

The service-linked role AliyunServiceRoleForSasCspm can be created for the configuration assessment feature.

Advanced, Enterprise, and Ultimate

2022-11-21

Service-linked roles for Security Center

Anti-ransomware

Feature iteration

Simple application servers are supported by the anti-ransomware feature.

Anti-virus, Advanced, Enterprise, and Ultimate

2022-11-17

Overview

Application protection

Feature iteration

The application security feature is renamed the application protection feature. The entry point to the feature is moved under Protection Configuration in the left-side navigation pane of the Security Center console.

Advanced, Enterprise, and Ultimate

2022-11-17

Use the application protection feature

Container image scan

New feature

The feature of container image scan is provided to detect common sensitive files. The feature also checks whether sensitive data exists in custom image files.

Ultimate

2022-11-15

View and handle detected image risks

Multi-cloud configuration management

Feature iteration

Servers that are not deployed on Alibaba Cloud can be added to the Singapore management center.

All editions

2022-11-10

Add a third-party asset to Security Center

Protection of self-managed Kubernetes clusters

New feature

Log-based threat detection can be enabled for self-managed Kubernetes clusters that are connected to Security Center.

Ultimate

2022-11-10

Add a self-managed Kubernetes cluster to Security Center

Feature

Category

Description

Involved edition

Release date

References

Container management

Feature iteration

The details page of a cluster is re-designed. You can view the risks in a cluster by cluster, node, and application.

Ultimate

2022-10-14

Manage container assets

Alert management

Feature iteration

Alerts can be viewed and handled by container and host.

Ultimate

2022-10-14

View and handle alerts

Feature

Category

Description

Involved edition

Release date

References

Container image scan

Feature iteration

The risk statistics section on the Image Security page is optimized.

Ultimate

2022-09-23

View and handle detected image risks

Proxy access

New feature

ECS instances that reside in a VPC and are inaccessible over the Internet can be added to Security Center by using the proxy access feature. You can also use the feature to manage the uplink traffic of the ECS instances. The uplink traffic refers to the traffic from ECS instances to Security Center.

All editions

2022-09-22

Add servers to Security Center by using the proxy access feature

Container image scan

Feature iteration

Container runtime image scans are supported.

Ultimate

2022-09-17

Scan images

Feature

Category

Description

Involved edition

Release date

References

Vulnerability management

Feature iteration

The vulnerability scan progress can be viewed in the list of vulnerability scan tasks.

All editions

2022-08-22

Scan for vulnerabilities

Billing

Feature iteration

Specification changes and renewal can be performed at the same time. When you renew Security Center, you can change the specifications of Security Center. The existing specifications of Security Center are retained during the current subscription period. When the renewal order takes effect, the new specifications are automatically applied.

All editions

2022-08-16

Renew the subscription to Security Center

Billing

Feature iteration

The entry points to Security Center upgrade and specification downgrade are separately provided.

All editions

2022-08-16

Upgrade and downgrade Security Center

Server management

Feature iteration

A server group can be created when you change the server group for a server.

All editions

2022-08-10

Manage servers

Cloud honeypot

Feature iteration

A honeypot can be deployed in a server in a data center by using a proxy server. When you create a probe in the Security Center console, you must configure a proxy IP address for the server. This way, you can deploy the honeypot in the server in proxy mode.

All editions

2022-08-05

Configure a honeypot

Feature

Category

Description

Involved edition

Release date

References

Architecture

Feature iteration

The menu in the left-side navigation pane of the Security Center console is adjusted.

All editions

2022-07-21

None

Baseline check

Feature iteration

The Risk Details tab is added to the Baseline Check page. You can click Details in the Actions column of a check item on this tab to view the servers that are affected.

Advanced, Enterprise, and Ultimate

2022-07-21

Baseline check

Billing

Feature iteration

The basic fee of Security Center Ultimate on the Alibaba Cloud International site is adjusted.

Ultimate

2022-07-21

Billing overview

Container management

Feature iteration

The method used to connect self-managed Kubernetes clusters to Security Center is modified.

Ultimate

2022-07-19

Add a self-managed Kubernetes cluster to Security Center

Alert management

Feature iteration

• The numbers of alert events in each ATT&CK phase are displayed.

• The whitelist rules of alerts are optimized. You can apply a whitelist rule to the current asset or all assets.

• A time range can be specified as a search condition to search for alerts.

• Ignored alerts can be removed from the ignored alert list.

• An alert export task can export the remarks of the alerts.

Anti-virus, Advanced, Enterprise, and Ultimate

2022-07-16

View and handle alerts

Server management

Feature iteration

The details page of a server is optimized. The O&M and Monitoring tab is added to the page. The tab displays information that is originally displayed on the Cloud Assistant and CloudMonitor tabs.

All editions

2022-07-04

Manage servers

Feature

Category

Description

Involved edition

Release date

References

Application security

New feature

The application security feature is released. You can use the feature without the need to change application code. You need to only install the application security agent on the processes related to the applications that you want to protect. The feature can protect your applications against attacks that are launched by exploiting most unknown vulnerabilities.

Advanced, Enterprise, and Ultimate

2022-06-14

Use the application protection feature

Baseline check

Feature iteration

The supported baselines are updated.

Advanced, Enterprise, and Ultimate

2022-06-14

Baseline check

Web tamper proofing

Feature iteration

The list of operating systems and kernels that web tamper proofing supports is updated.

Advanced, Enterprise, and Ultimate

2022-06-16

Use the web tamper proofing feature

Billing

Feature iteration

The basic fee of Security Center Ultimate on the Alibaba Cloud International site is adjusted.

Ultimate

2022-06-24

Billing overview

Container image scan

Feature iteration

The value of the Speed Limit parameter that specifies the speed for image scans is configurable. You can specify a custom value for the parameter when you scan images in a Harbor image repository. This helps improve the efficiency of image scans.

Advanced, Enterprise, and Ultimate

2022-06-28

Scan images

Feature

Category

Description

Involved edition

Release date

References

Global log filtering

New feature

The global log filtering feature is released. The feature helps ensure security, improve the utilization of log storage, and ensure the quality of collected logs. The feature also improves operational efficiency.

All editions

2022-05-19

Global Log Filter

Malicious behavior defense

Feature iteration

The malicious behavior defense feature is available for the Advanced edition.

Advanced, Enterprise, and Ultimate

2022-05-19

Use the malicious behavior defense feature

Multi-cloud configuration management

Feature iteration

The feature of multi-cloud configuration management is released. The feature allows you to add servers of third-party cloud service providers, such as Tencent Cloud and Amazon Web Service (AWS), to Security Center.

All editions

2022-05-19

Add a third-party asset to Security Center

Baseline check

Feature iteration

The baseline check items are updated. After the update, the baseline check items are classified based on the following baseline types:

• Weak password

• Unauthorized access

• Container security

• Best security practices

• CIS compliance

• MLPS compliance

• Custom baseline

Advanced, Enterprise, and Ultimate

2022-05-19

Baseline check

Assets

Feature iteration

The Container page is re-designed. The information about containers is displayed on the Image and Cluster tabs from different dimensions.

All editions

2022-05-19

Manage container assets

Security report

Feature iteration

The security report feature is released. The feature allows you to specify a custom time range in which you want security reports to be sent.

Advanced, Enterprise, and Ultimate

2022-05-19

Security report

Baseline check

Feature iteration

Snapshot creation is supported before you handle baseline risks.

Advanced, Enterprise, and Ultimate

2022-05-05

Baseline check

Feature

Category

Description

Involved edition

Release date

References

Cloud honeypot

Feature iteration

The cloud honeypot feature is released. You can purchase and use the feature in the Security Center console. The cloud honeypot feature provides capabilities such as attack discovery and attack source tracing within and outside the cloud. You can create honeypots in VPCs and on the servers that are protected by Security Center. This protects the servers from attacks that are launched within and outside the cloud and provides proactive defense capabilities.

All editions

2022-04-26

Overview, Purchase the cloud honeypot feature, Configure a honeypot, and View and handle alert events

Proactive defense for containers

New feature

The feature of proactive defense for containers is released. The feature detects risks on an image when you use the image to create resources in a cluster. The feature allows you to create a container defense policy for a cluster. If an image hits the container defense policy, Security Center handles the image that is started in the cluster based on the action of the policy. The action can be Block, Alert, or Allow. This ensures that the image does not affect your business.

Ultimate

2022-04-19

Use the feature of proactive defense for containers

Container image scan

Feature iteration

The list of image scan results can be exported.

Advanced, Enterprise, and Ultimate

2022-04-12

View and handle detected image risks

Log analysis

Feature iteration

Some log fields are added to the process logs and network connection logs.

Anti-virus, Advanced, Enterprise, and Ultimate

2022-04-08

Log types and log fields

Basic task

Feature iteration

The page on which you can complete basic tasks is re-designed.

Anti-virus, Advanced, Enterprise, and Ultimate

2022-04-08

Complete basic tasks

Assets

Feature iteration

The feature of asset information collection is released. You can use the feature to synchronize the information about your assets. You can also use the feature to collect information about your servers. The information includes the MAC addresses and kernel versions of your servers.

All editions

2022-04-08

Manage servers

Attack analysis

Feature iteration

The attack analysis feature is improved to block webshells and provide instructions on how to disable defense rules.

Enterprise and Ultimate

2022-04-01

Attack awareness

Feature

Category

Description

Involved edition

Release date

References

Baseline check

Feature iteration

The Baseline Check page is re-designed.

All editions

2022-03-11

Baseline check

Agent troubleshooting

Feature iteration

The agent troubleshooting feature is optimized.

All editions

2022-03-18

Use the agent troubleshooting feature

Anti-ransomware

Feature iteration

The maximum number of protected directories that you can specify when you create an anti-ransomware policy for servers is increased from 8 to 20.

Anti-virus, Advanced, Enterprise, and Ultimate

2022-03-25

Create an anti-ransomware policy

Feature

Category

Description

Involved edition

Release date

References

Assets

Feature iteration

The entry point to the asset fingerprints feature is migrated to the Server(s) tab on the Assets page. The asset fingerprints such as the fingerprints of databases and web services can be collected.

Enterprise and Ultimate

2022-02-22

Manage servers and Use the asset fingerprints feature

Overview

Feature iteration

The Overview page is re-designed, and the statistics that you must take note of are conspicuously displayed.

All editions

2022-02-22

Overview

CI/CD

New feature

The feature of CI/CD-based container image scan is released. After you install the CI/CD plug-in for a Jenkins Freestyle or Pipeline project or GitHub Actions, Security Center scans images in the project or GitHub for risks when you build the images. The risks include high-risk system vulnerabilities, application vulnerabilities, viruses, webshells, malicious execution scripts, configuration risks, and sensitive data. If Security Center detects vulnerabilities, Security Center provides solutions to help you fix the vulnerabilities.

Ultimate

2022-02-22

Overview, Obtain a token of the CI/CD plug-in, Install the CI/CD plug-in for a Jenkins Freestyle project, Install the CI/CD plug-in for a Jenkins Pipeline project, Install the CI/CD plug-in for GitHub Actions, and View image scan results

Malicious behavior defense

Feature iteration

The ATT&CK Phase section is added to the Host defense rules tab of the Malicious behavior Defense page. You can select an attack phase in the section to query system defense rules.

Enterprise and Ultimate

2022-02-26

Use the malicious behavior defense feature

Threat intelligence from ThreatBook

Discontinued feature

The feature of threat intelligence from ThreatBook is removed.

Anti-virus, Advanced, Enterprise, and Ultimate

2022-02-26

None

Feature

Category

Description

Involved edition

Release date

References

Vulnerability fixing

Feature iteration

In the upper-right corner of the vulnerability list on the Vulnerabilities page, the Show only real risk vulnerabilities switch is added. After you turn on the switch, Security Center displays only the vulnerabilities whose urgency score is high in the vulnerability list. After you turn off the switch, Security Center displays all vulnerabilities in the vulnerability list.

All editions

2022-01-11

Overview

Container image scan

Feature iteration

The Image Security page is modified. The Docker Hub Scan tab is migrated to the upper-right corner of the Image Security page. The Image security scan tab is removed from the Image Security page. You can view the details of image scan results on the Image Security page.

Ultimate and Enterprise

2022-01-07

Add image repositories to Security Center, Scan images, and View and handle detected image risks

Release date

Description

Involved edition

2021-12-23

The multi-account control feature is supported by all editions of Security Center.

All editions

2021-12-23

Up to eight protected directories can be specified in a custom anti-ransomware policy for a server.

Anti-virus, Advanced, Enterprise, and Ultimate

2021-12-15

A custom retention period can be specified for backup data of a server. This configuration is supported by the feature of anti-ransomware for servers.

Anti-virus, Advanced, Enterprise, and Ultimate

2021-12-15

Baseline risks and configuration risks of cloud services are no longer detected during a quick scan for vulnerabilities.

Advanced, Enterprise, and Ultimate

2021-12-01

The container firewall feature is updated. You can create a defense rule to allow, block, or generate alerts for access traffic. You can specify eight port ranges in a defense rule.

Ultimate

2021-12-01

The feature of container network topology is updated. The following list describes the update details:

• The network topology of a cluster can be exported.

• The default time range to search for a topology is changed from one day to seven days.

• If a cluster contains a large number of applications, the network topology of the cluster is not displayed by default.

• In the left-side section of the page that displays the network topology of the cluster, the switches of Show only connected applications, Display port information, and Hide lines are added. A namespace can be hidden or shown. The resources in a namespace can be hidden or shown.

• In the cluster details panel, the cluster information, cluster risks, image information, and protection policies are displayed.

Ultimate

Release date

Description

Involved edition

2021-11-26

The multi-account control feature is updated. After the update, you can configure the Security Center agent installed on the assets that belong to a member, scan for vulnerabilities in the assets, and configure baseline check policies for the assets.

Ultimate and Enterprise

2021-11-25

The Scanning Modes parameter is removed from the Settings panel of the Vulnerabilities page.

All editions

2021-11-25

The feature of anti-ransomware for servers is updated. After the update, you can specify more than 100 servers when you create an anti-ransomware policy.

All editions

2021-11-19

The honeypot feature is supported in more regions. After the update, the feature is supported in all regions.

Ultimate and Enterprise

2021-11-04

The Vulnerability retention duration parameter is added to the Scan Settings panel of the Image Security page. This parameter specifies the period of time during which the scan results are retained. You can configure this parameter based on your business requirements. The scan results are automatically deleted when the specified retention period elapsed.

Ultimate and Enterprise

Release date

Description

Involved edition

2021-10-30

More operating system versions are supported by the feature of anti-ransomware for servers. The feature of anti-ransomware for databases is supported in more regions. More database and operating system versions are supported by the feature of anti-ransomware for databases.

Anti-virus, Advanced, Enterprise, and Ultimate

2021-10-30

The feature of anti-ransomware for servers is updated. V1.0 anti-ransomware policies can no longer be edited but can be upgraded to V2.0 anti-ransomware policies with a few clicks.

Anti-virus, Advanced, Enterprise, and Ultimate

2021-10-21

Notifications for virus scan tasks and excess logs are supported by the notification feature.

All editions

2021-10-19

A delegated administrator account can be specified by using the multi-account control feature. You can specify a member as a delegated administrator account of Security Center. After you specify a member as a delegated administrator account, the member is authorized by the management account of your resource directory to perform the following operations: access and manage the information of your resource directory in Security Center, and view the risks that are detected in managed accounts. The information includes the organization and members of the resource directory.

Ultimate and Enterprise

Release date

Description

Involved edition

2021-09-29

The types of vulnerabilities that can be detected by quick scan tasks in the Anti-virus edition are changed to the same types in the Basic edition.

Anti-virus

2021-09-16

The PID column is added to the fingerprint list of the Process tab on the Asset Fingerprints page. The PID column displays the process IDs (PIDs).

All editions

2021-09-06

The agent troubleshooting feature is added to the Assets page. If the Security Center agent is offline, the agent fails to be installed or uninstalled, or the processes of the Security Center agent have a high CPU utilization, you can use the agent troubleshooting feature to troubleshoot issues that occur on the Security Center agent.

All editions

2021-09-06

The features of AccessKey pair leak detection and configuration assessment are supported in the Singapore (Singapore) region.

All editions

2021-09-06

The malicious behavior defense feature is released. You can use the feature to enable or disable system defense rules, and manage the assets to which each rule is applied based on your business requirements.

Ultimate and Enterprise

2021-09-06

Custom baseline check policies can be configured. You can configure custom baseline check policies based on your business requirements.

Advanced, Enterprise, and Ultimate

2021-09-06

The feature of asset management rules is optimized. You can create an asset management rule and specify a server group and a tag in the rule.

All editions

Release date

Description

Involved edition

2021-08-19

The feature of anti-ransomware for databases is supported. This feature allows you to create protection policies for MySQL databases, Oracle databases, and SQL Server databases that are deployed on Elastic Compute Service (ECS) instances. The policies protect these databases from ransomware.

All paid editions

2021-08-12

Detected image vulnerabilities can be exported.

Ultimate

2021-08-12

The feature of malicious behavior defense is supported. This feature allows you to select servers to protect based on the rules that are used to defend against malicious behavior.

Enterprise

Release date

Description

Involved edition

2021-07-22

Docker Hub images can be scanned. Security Center allows you to obtain the security posture of all images in Docker Hub. Security Center also provides the threat intelligence of basic images free of charge.

Basic

2021-07-22

The network connections between containers and the Internet can be visualized.

Ultimate

2021-07-22

Servers deployed on Tencent Cloud and servers in data centers can be connected to Security Center in a hybrid cloud architecture.

Basic

Release date

Description

Involved edition

2021-05-21

The container firewall feature is supported.

Ultimate

2021-05-13

The Port column is added to the Attack Awareness page. The port of an attacked asset is displayed in the column only when the type of an attack is SSH Brute force cracking.

Enterprise and Ultimate

Release date

Description

Involved edition

2021-04-25

A topic that introduces Security Center Basic is provided. This topic describes how to use Security Center Basic.

Basic

2021-04-22

An icon that indicates a weak password is provided. This icon is displayed in the communication link topology only if a weak password is detected on the asset.

Enterprise and Ultimate

2021-04-22

The Select all button is added to the panel that displays the details of a Linux software vulnerability. You can click this button to select all assets on which the vulnerability is detected. This makes vulnerability handling more efficient.

All editions

2021-04-15

Vulnerabilities that are detected by using software component analysis are displayed in the list of application vulnerabilities in a security report.

Enterprise and Ultimate

2021-04-08

The feature of asset exposure analysis is improved from the following aspects:

• In the Gateways panel, you can click the name of a gateway asset to go to the asset details page.

• In the Exposed Ports panel, you can click the name of an exposed port to view the assets that use this port.

• In the Exposed Components panel, you can click the name of an exposed component to view the assets that use this component.

• In the panel that displays the details of an exposed asset, you can click the ID of a security group to go to the configuration page of this security group.

Enterprise and Ultimate

2021-04-08

Risky Container(s) is added to the Container tab of the Assets page.

All editions

2021-04-01

Prevention Mode can be set to Interception Mode or Alert Mode when you enable web tamper proofing.

All paid editions

2021-04-01

A check item named Devops Codeup-Codebase Protection is added for configuration assessment.

Advanced, Enterprise, and Ultimate

2021-04-01

The Container firewall exception alert notification and Container firewall proactive defense notification items are added to the Notifications tab.

Ultimate

2021-04-01

In the left section of the Radar tab, Cluster, Application, Container, Work(s), and Image can be clicked. After you click one of these items, you can view the assets of a specific type on the Container tab of the Assets page.

Ultimate

Release date

Description

Involved edition

2021-03-30

The feature of ISO 27001 compliance check is supported.

All editions

2021-03-30

StartTime and EndTime can be configured if Execution Time is set to Custom Time when you create a task on the Playbook page.

Enterprise and Ultimate

2021-03-25

Weak passwords that are detected on exposed assets are displayed on the Exposure Analysis page.

Enterprise and Ultimate

2021-03-25

The number of container image scans that have been performed in the last seven days is displayed on the Image Security page.

Advanced, Enterprise, and Ultimate

2021-03-25

The vulnerabilities that are detected by Cloud Firewall are displayed on the Vulnerabilities page. On the Vulnerabilities page, the Cloud firewall Supports Virtual patches tag is used to indicate a vulnerability that is detected by Cloud Firewall. You can click the tag to go to the Cloud Firewall console to fix the vulnerability.

All editions

2021-03-18

The Restore target Directory column is added to the list of restoration tasks in the Restore Tasks panel. The panel appears after you click a number below Restoring / Records on the General Anti-ransomware Solutions page.

All paid editions

2021-03-09

The user experience optimization in proactive defense feature is supported by the Enterprise or Ultimate edition of Security Center. You can manage the feature on the Settings tab of the Feature Settings page of the Security Center console.

Basic, Anti-virus, and Advanced

2021-03-09

Alerts of the Precision defense type can be added to the whitelist. You can customize the whitelist policy based on the alert details. After you add these alerts to the whitelist, Security Center no longer sends you alert notifications when the alerts are generated.

All paid editions

2021-03-09

The About Us tab is added to the page that appears after you click Overview in the left-side navigation pane. The added tab provides the architecture of Security Center, security capabilities provided by Security Center, and the introduction to security experts.

All editions

Release date

Description

Involved edition

2021-02-25

The feature of automatic alert correlation analysis is added on the General tab of the Settings page. In the Alarm aggregation switch section of the General tab, you can turn on Alert Association to automatically aggregate the alerts of the same type. This makes alert handling more efficient.

Anti-virus, Advanced, Enterprise, and Ultimate

2021-02-25

The deduction item that indicates scope configurations for container image scans is added.

Advanced, Enterprise, and Ultimate

2021-02-04

The file path of a leaked AccessKey pair can be displayed in the Result section. The section is displayed in the message that appears after you click Details in the Operation column in the AccessKey pair details panel. This helps you handle leaked AccessKey pairs.

Advanced, Enterprise, and Ultimate

2021-02-04

The usage of the quota for container image scans is displayed on the Image Security page.

Advanced, Enterprise, and Ultimate

2021-02-04

The Scan Time Range parameter is added to the Scan Settings panel. This parameter indicates the time range in which images have changed. After you specify this parameter, you can use Security Center to scan images that have changed in the specified time range.

Advanced, Enterprise, and Ultimate

2021-02-04

All statistical items can be selected when you specify the information that a security report contains.

Advanced, Enterprise, and Ultimate

2021-02-04

The platform on which the AccessKey pair leaks are detected is displayed on the AccessKey Leak Detection page.

All editions

Release date

Description

Involved edition

2021-01-28

Urgent vulnerability detection is improved from the following aspects:

• If no urgent vulnerabilities are detected on your servers, vulnerability data cannot be exported to your computer.

• Urgent vulnerabilities can be displayed by page.

All editions

2021-01-26

The configurations of baseline check items can be managed in the Scan Settings panel. The panel appears after you click Scan Settings in the upper-right corner of the Image Security page.

Enterprise and Ultimate

2021-01-26

Third-party image repositories can be scanned.

Enterprise and Ultimate

2021-01-21

Image system vulnerabilities can be fixed by using the feature of container image scan. This ensures the security of the image runtime environment.

Enterprise and Ultimate

2021-01-21

The Overview page is displayed as a tab. On the tab, sections are optimized to improve user experience.

All editions

2021-01-14

The feature of saving the vulnerabilities queried by specific filter conditions is removed from the vulnerability details page. The vulnerabilities include Linux software vulnerabilities, Windows system vulnerabilities, Web-CMS vulnerabilities, application vulnerabilities, and urgent vulnerabilities.

All editions

2021-01-14

The following operation is supported on the Asset Exposure Analysis page: view the information of gateways, exposed ports, and exposed components.

Enterprise and Ultimate

2021-01-14

The default Container Registry instances can be scanned by using the feature of container image scan.

Enterprise and Ultimate

2021-01-12

Baseline checks for images are supported by the feature of container image scan.

Enterprise and Ultimate

2021-01-12

The overview of risks is added to the Image Security page.

Enterprise and Ultimate

2021-01-07

A weak password dictionary can be customized in baseline check policies. This reinforces account security.

Advanced, Enterprise, and Ultimate

Release date

Description

Involved edition

2020-12-30

The tasks that are in the Waiting state can be canceled on the Playbook page.

Enterprise and Ultimate

2020-12-24

The Ultimate edition of Security Center is launched. The edition provides a centralized security management platform for servers and containers. The edition also provides an all-in-one threat solution that has multiple features, including threat detection during container runtime, container network visualization, container image scan, vulnerability fixing, and baseline check.

Ultimate

2020-12-24

The list of assets that are exposed on the Internet can be exported on the Asset Exposure Analysis page.

Enterprise

2020-12-24

The Dynamic adaptive threat detection capability feature is added to the General tab of the Settings page.

All editions

2020-12-17

The search boxes on the Vulnerabilities page are optimized. You can view the commonly used filter conditions on this page.

All editions

2020-12-17

The causes for alerts and the suggestions on handling the alerts are provided on the Alerts page. This allows you to view the causes and handle the alerts at the earliest opportunity.

All editions

2020-12-17

The feature of limiting the access speed and network bandwidth is supported by the feature of container image scan when you add third-party image repositories to Security Center. This ensures that your business is not affected.

Enterprise

2020-12-17

The rule that is used to calculate security scores is optimized. For users who do not have Elastic Compute Service (ECS) instances, the deduction item indicating that urgent vulnerabilities are detected for the first time is removed.

All paid editions

2020-12-17

The entry point to security group check is moved under Application market in the left-side navigation pane.

All editions

2020-12-17

The feature of asset exposure analysis is supported. This feature allows you to manage the assets that are exposed on the Internet in a centralized manner and collect statistics on the risks of these assets.

Enterprise

2020-12-17

The Exposure column is added to the server list on the Server(s) tab of the Assets page. You can check whether your servers are exposed on the Internet in the column.

Enterprise

2020-12-17

An entry point to join the technical support group in DingTalk is added to the lower-left corner of the Security Center console.

All paid editions

2020-12-17

The feature of handling an alert with a few clicks or multiple alerts by alert name at a time is supported by antivirus.

All paid editions

2020-12-17

The servers that you want to scan can be selected from one or more asset groups after you click Scan on the Virus Defense page.

All paid editions

2020-12-17

Auto-renewal by month is added to the Overview page.

All paid editions

Release date

Description

Involved edition

2020-11-26

The search boxes on the Vulnerabilities and Alerts pages are optimized.

All editions

2020-11-26

The feature of filtering affected assets by asset group is added to the panel that displays the details of an urgent vulnerability.

All editions

2020-11-26

Active defense experience optimization is added to the Proactive Defense section of the Settings page. This improves asset security and user experience.

All editions

2020-11-26

The deduction item that indicates threat detection configurations for Kubernetes containers is added.

Enterprise

2020-11-19

The asset fingerprints feature can be used to collect the latest fingerprints of all assets with a few clicks.

Enterprise

2020-11-12

The deduction item that indicates configurations for periodic virus detection is added.

All paid editions

2020-11-09

Security Center is available for Alibaba Cloud 2020 Double 11 Big Sale. Various coupons and discounts are offered.

All editions

Release date

Description

Involved edition

2020-10-26

The Value-added Plan edition is launched. The edition allows the users of Security Center Basic to separately purchase value-added based on the business requirements.

Value-added Plan

2020-10-22

The entry point to the anti-ransomware feature is moved to the left-side navigation pane. You can click Anti-ransomware under Defense in the left-side navigation pane to go to the General Anti-ransomware Solutions page.

Anti-virus, Advanced, and Enterprise

2020-10-22

The display of container-related assets on the Alerts page is optimized. The Affected Assets column displays pods, applications, clusters, and servers.

Enterprise

2020-10-22

The repeated Name column is deleted from the Middleware tab of the Asset Fingerprints page.

Enterprise

2020-10-22

When the vulnerability fixing progress reaches 99%, the message "The patch may take a long time to fix the vulnerability." is displayed. This optimization improves user experience.

Advanced and Enterprise

2020-10-22

The descriptions that you entered for ignored vulnerabilities can be viewed. This helps you manage the ignored vulnerabilities.

Advanced and Enterprise

2020-10-22

The First/latest scan time column is added to the Mirror Malicious Sample tab on the Image Security page. This column provides more details about image vulnerabilities.

Enterprise

2020-10-22

Third-party image repositories can be scanned. After you add a third-party image repository to Security Center, the system detects vulnerabilities and malicious samples on the third-party image repository. This ensures the security of the runtime environment for third-party image repositories.

Enterprise

2020-10-22

Images in your containers and third-party image repositories can be scanned by using the feature of container image scan.

Enterprise

2020-10-15

Your applications, at-risk applications, clusters, and namespaces are displayed on the Container tab of the Assets page.

All editions

2020-10-15

The vulnerability fixing feature is updated to check system configurations for specific Linux and Windows vulnerabilities before you can fix the vulnerabilities. For example, if the Windows Update service is running, a vulnerability fails to be fixed. In this case, the Fix button is dimmed. The cause of the failure and solution are provided when you move the pointer over the Fix button.

Advanced and Enterprise

2020-10-15

The scanning mode of Software Component Analysis is provided. You can select this mode only when Security Center periodically scans for application vulnerabilities.

Enterprise

Release date

Description

Involved edition

2020-09-25

A link for configuring security message recipients is added to the Notifications tab of the Settings page. You can click the link to go to the Common Settings page to modify the information about message recipients.

All editions

2020-09-25

On the Agent tab of the Settings page, Key Validity Period is added to the Windows OS card of the Client Installation Guide tab. If you want to install the Security Center agent on a server that is not deployed on Alibaba Cloud, you can configure Key Validity Period.

All editions

2020-09-25

The entry point to the Release notes topic of Security Center is added to the Overview tab of the Security Center console. You can click New Features to view the release notes and to learn how to use the new features.

All editions

2020-09-25

The Emergency vul(s) Scan Cycle parameter can be selected in the Settings panel of the Vulnerabilities page in the Advanced and Enterprise editions.

Advanced and Enterprise

2020-09-25

The feature of fixing multiple vulnerabilities on a server that runs Windows Server 2008 at a time is disabled, and a description is provided when you move the pointer over the Fix button. If you fix multiple vulnerabilities on a server that runs Windows Server 2008, the server cannot be started.

Advanced and Enterprise

2020-09-25

The entry point that you can click to check logs of the related alert is added to the Details tab of the Unusual Logon-Login with unusual location panel. On the Details tab, you can click Log Analysis to view the logs of the alert.

All paid editions

2020-09-22

Scan cycle configuration is supported in the Defense Configuration panel of the Virus Defense page. After you configure a scan cycle for a specific server, Security Center automatically scans the server based on the scan cycle and determines whether viruses exist on the server.

All editions

2020-09-22

The feature of configuring a scan cycle for image vulnerabilities is supported. After you configure a scan cycle for an image vulnerability, Security Center automatically detects vulnerabilities based on the scan cycle.

Enterprise

2020-09-22

The feature of configuring a scan cycle for urgent vulnerabilities is supported. You can configure the scan cycle in the Settings panel of the Vulnerabilities page. After you configure a scan cycle for an urgent vulnerability, Security Center automatically detects vulnerabilities based on the scan cycle.

Advanced and Enterprise

2020-09-22

Behavior prevention can be turned on in the Proactive Defense section on the Settings page. This helps you protect the servers that require protection against malicious network behavior.

All paid editions

2020-09-16

The antivirus feature on the Settings page is updated to Proactive Defense. You can turn on or turn off Anti-Virus, Anti-ransomware (Bait Capture), or Webshell Protection to protect your servers against viruses and malicious network behavior.

All paid editions

2020-09-16

If you want to fix multiple Linux software vulnerabilities at a time on the Vulnerabilities tab of your asset, the vulnerabilities for which you must manually upgrade the system cannot be selected. If you want to fix multiple vulnerabilities at a time on the Vulnerabilities page, Security Center automatically ignores the vulnerabilities for which you must manually upgrade the system. This improves the efficiency of fixing vulnerabilities.

Advanced and Enterprise

2020-09-03

The anti-ransomware feature is supported in the China (Chengdu) and US (Virginia).

All paid editions

2020-09-03

The anti-ransomware agent can be installed and uninstalled. Servers that use the same anti-ransomware policy can be deleted at a time. This allows you to manage the anti-ransomware agent for multiple servers at a time in a more efficient way.

All paid editions

2020-09-03

A maximum of 100 servers can be added to an anti-ransomware policy. This improves the efficiency of managing servers under an anti-ransomware policy.

All paid editions

2020-09-03

Urgent vulnerabilities of a specific type can be filtered based on version and network scan.

All editions

2020-09-03

The quick scan feature is supported for the users of Security Center Basic to detect urgent vulnerabilities. This improves the efficiency of urgent vulnerability detection.

Basic

2020-09-03

The feature of container threat detection is updated to K8s Threat Detection on the Settings page. Threat Detection is provided for you to enable or disable threat detection for Kubernetes clusters.

Enterprise

2020-09-02

Ubuntu 18.04, Ubuntu 20.04, and CentOS 8.2 operating systems are supported for the anti-ransomware agent.

All paid editions

Release date

Description

Involved edition

2020-08-27

Check item not enabled and Checked items enabled are provided on the Cloud Platform Configuration Assessment page. This allows you to view check items.

Advanced and Enterprise

2020-08-27

SSL Status of SSL certificates is added to the Risky Websites (TOP5) section on the Website Security Report page. This allows you to improve the efficiency of managing all certificates in your assets.

Enterprise

2020-08-27

Required verification is added before you restart a server to fix vulnerabilities. If the server to be restarted is in the process of fixing or verifying vulnerabilities, you are not allowed to restart the server, and a prompt appears. This feature prevents failures of vulnerability fixing or verification because of server restarts.

Advanced and Enterprise

2020-08-27

The layout of pagination display on the Emergency tab of the Recommended Fix (CVE) panel is optimized. This improves the performance of managing vulnerabilities.

Advanced and Enterprise

2020-08-27

Database security alerting is added to the Security Score module. We recommend that you use Alibaba Cloud ApsaraDB RDS databases with strong security protection mechanisms.

All editions

2020-08-27

Regions outside China are supported for Login Location in the Settings panel on the Alerts page. You can set the logon location to an overseas region for your services.

All editions

2020-08-26

Statistical data and security information about all pods and containers are added to the Container tab on the Assets page. You can view the security risks of containers.

All editions

2020-08-20

Suggestions for upgrading the operating system are provided to fix Linux software vulnerabilities that require operating system upgrades. This improves the efficiency of fixing vulnerabilities.

Advanced and Enterprise

2020-08-19

The anti-ransomware agent is updated, and the issue of high CPU utilization or high memory usage when you use the agent to back up data is fixed. This improves the performance of the anti-ransomware feature.

All paid editions

2020-08-13

The feature of detecting image application vulnerabilities is supported. This feature allows you to detect vulnerabilities on the middleware related to an image and provides fix solutions. This improves the security of running images.

Enterprise

2020-08-13

Web application threat detection, malicious script detection, and DDoS attack detection are added to the Alerts page.

Advanced and Enterprise

2020-08-13

The feature of archiving historical alerts is supported. You can archive and download historical alerts on the Alerts page at any time.

All editions

2020-08-06

Multiple Linux software vulnerabilities and Web-CMS vulnerabilities can be fixed at a time. This makes vulnerability management more efficient.

Advanced and Enterprise

2020-08-06

The baseline check feature is supported by the Advanced edition. Users of Security Center Advanced can use the baseline check feature to check the security configurations of servers.

Advanced

2020-08-06

The Baseline column is added to the Server(s) tab on the Assets page. This allows you to view the number of baseline risks on your servers.

Advanced and Enterprise

2020-08-06

The way for sending an alert after the feature of web tamper proofing is triggered can be specified. If a web page under protection is tampered with, Security Center automatically sends you an alert based on the way you specify.

All paid editions

2020-08-06

A prompt with the description about the scanning mode that you want to select is displayed when you change Scanning Modes in the Settings panel of the Vulnerabilities page. This provides you with instructions when you select a scanning mode.

All paid editions

2020-08-06

The recommended value of Start Time is changed from 00:00:00 to 05:00:00 to 00:00:00 to 03:00:00. This reduces the impact of data backup on your business. The parameter is used to create an anti-ransomware policy.

All paid editions

2020-08-06

The number of vulnerabilities that require fixing is added to the Application and Emergency tabs in the Recommended Fix (CVE) panel of the Vulnerabilities page.

Advanced and Enterprise

Release date

Description

Involved edition

2020-07-30

The Application and Emergency tabs are added to the Recommended Fix (CVE) panel. You can view and fix high-risk vulnerabilities in a timely manner.

Advanced and Enterprise

2020-07-30

Windows software vulnerabilities are prioritized based on the Microsoft official website. This allows you to view vulnerability priorities and fix vulnerabilities in a more convenient way.

All editions

2020-07-30

The security score can be affected by web tamper proofing. We recommend that you enable web tamper proofing for your website servers to prevent malicious modification, trojans, cyber kill chains, and insertion of illicit contents.

All paid editions

2020-07-29

The security check feature is added to help you check the security status of your websites on the Assets page and provides security reports. This feature allows you to view the risks on your websites, provides solutions, prevents attacks, malicious modification, or cyber kill chains, and ensures the stability of your websites.

Enterprise

2020-07-23

The vulnerability priority score can be affected by the asset importance score. The importance score of an important asset is set to 1.5, which indicates that a vulnerability detected on an important asset has a high priority.

All editions

2020-07-23

Successful Interception can be selected on the Alerts page after you select Handled. This allows you to view the common viruses that are automatically quarantined by Security Center.

All editions

2020-07-23

When you create a task that automatically fixes vulnerabilities, a maximum of 200 vulnerabilities on the Playbook page can be selected.

Enterprise

2020-07-16

The Security group check page is added. You can view weak security group rules and solutions on risk mitigation.

All editions

2020-07-16

The feature that runs quick scan tasks to detect container image vulnerabilities and malicious image samples is supported. This reduces risks when you use containers.

Enterprise

2020-07-16

Real risk model or Full rule scan mode can be selected as the scanning mode in the Settings panel of the Vulnerabilities page.

All editions

2020-07-16

Vulnerabilities can be filtered based on virtual private clouds (VPCs) on the Vulnerabilities page. This allows you to manage vulnerabilities on different VPCs in a more convenient way.

All editions

2020-07-09

The threat detection model on the Assets page can be viewed when you handle an alert. The threat detection model provides comprehensive threat detection based on the intrusion process. This reinforces your asset security.

All editions

2020-07-09

Alerts can be tagged with attack phases on the Assets page, such as attacks against entries and lateral movement attacks. This allows you to identify the phase of an attack that targets your assets.

All editions

2020-07-09

The feature of adding an alert event to the whitelist based on the field of alert details is supported. For example, if you handle an unusual logon alert, you can add the current logon region to the whitelist. Logons from the region added to the whitelist are allowed. This allows you to use the whitelist feature in a more convenient way.

All paid editions

Release date

Description

Involved edition

2020-06-23

YUM/APT Source Configuration can be selected in the Settings panel of the Vulnerabilities page. This improves the success rate of vulnerability fixing.

Advanced and Enterprise

2020-06-11

Backup files can be deleted when you use the anti-ransomware feature. This way, you can manage backup files more flexibly and make full use of the purchased anti-ransomware capacity.

All paid editions

2020-06-11

Assets can be tagged. On the Assets page, you can tag an asset as an important asset, common asset, or test asset. This allows you to manage assets in a more efficient way.

All editions

2020-06-09

The Anti-virus edition is launched to meet the urgent requirements of small- and medium-sized enterprises against virus intrusion. Security Center of this edition generates alerts upon detected viruses. In addition, it allows you to scan for viruses and remove persistent viruses with a few clicks.

Anti-virus

2020-06-04

The asset fingerprints feature is supported to collect information about the middleware of your servers. This allows you to know more about your assets.

Enterprise

2020-06-04

The parameters of anti-ransomware policies are updated. The recommended policy enables Security Center to back up data during off-peak hours. Data backup starts on 00:00:00 every day. This reduces negative effects or interruptions on your business when the system is backing up data.

All paid editions

Release date

Description

Involved edition

2020-05-15

The security score can be affected by anti-ransomware. We recommend that you enable the anti-ransomware feature for your core servers to improve the security score of your assets.

All paid editions

Release date

Description

Involved edition

2020-04-30

The antivirus feature is supported. It provides scans, alerts, deep cleanup, and data backup against persistent viruses such as mining programs. The antivirus feature provides layer-by-layer protection for your assets.

All paid editions

2020-04-23

Weak password rules can be customized as required.

All paid editions

2020-04-23

The client protection feature is supported. This feature automatically blocks activities that attempt to uninstall the Security Center agent. This ensures the stability of Security Center.

All paid editions

2020-04-17

Multiple Alibaba Cloud accounts and resource accounts in an enterprise can be managed in a centralized way. This allows you to monitor the security status of all accounts in the enterprise.

Enterprise

2020-04-03

Urgent vulnerability fixing is supported, and a unified page is provided for you to view and fix all urgent vulnerabilities.

All paid editions

2020-04-02

The basic protection mode, high-security prevention mode, and safeguard mode for major activities are supported by the Security Center agent. These modes allow the Security Center agent to protect your assets under different scenarios.

All editions

Release date

Description

Involved edition

2020-03-19

The container signature feature is supported to ensure that unauthorized container images cannot be applied. This feature improves asset security.

Enterprise

2020-03-12

The feature of container image vulnerability scan is in public preview. Security Center has detected more than 120,000 vulnerabilities and provides urgent vulnerability detection and solutions to make vulnerability fixing easier.

Enterprise

2020-03-06

The entry point to the Settings page is moved to the left-side navigation pane. After you log on to the Security Center console, you can click Settings in the left-side navigation pane to go to the Settings page.

All editions

Release date

Description

Involved edition

2020-02-28

The security status of containers can be viewed on the Assets page. This allows you to analyze the security risks and ensures the security of the cloud environment.

All editions

2020-02-11

Check items can be added to a whitelist of the baseline check feature.

Enterprise

2020-02-10

Linux server processes can be added to a whitelist of the web tamper proofing feature.

All paid editions

Release date

Description

Involved edition

2020-01-16

Virus Detection is renamed Virus Blocking. If you purchased Security Center after January 16, 2020, this feature is enabled by default.

All paid editions

2020-01-13

Snapshots are automatically created to fix Linux software or Windows vulnerabilities. You can roll back the system to a snapshot. This allows you to fix vulnerabilities in a safe way.

All paid editions

2020-01-08

The playbook feature is supported. This feature allows you to create tasks to automatically fix multiple vulnerabilities at a time. This way, you can reinforce the system security in a more efficient way.

Enterprise

2020-01-02

IP address blocking policies can be configured to defend against brute-force attacks. You can customize IP address blocking policies based on your requirements.

All editions

Release date

Description

Involved edition

2019-12-10

Security threat detection on running containers is supported.

Enterprise

2019-10-17

The feature of protection against brute-force attacks is supported. You can enable this feature in the Settings panel of the Alerts page.

All editions

2019-10-17

The fix and undo feature is provided for Linux CentOS 6 baseline risks. This feature allows you to fix one or more baseline risks at a time. For Linux CentOS 6 systems, the baseline check feature can detect baseline risks, generate alerts, fix baseline risks, and undo fixes.

Enterprise

2019-08-02

The AK and Password Leak Detection page is replaced by the AccessKey Leak Detection page.

Enterprise

2019-08-01

The Asset Management page is replaced by the Assets page. The Assets page provides visualized data of your assets and asset fingerprints to help you analyze the impact of potential risks. The Asset Fingerprints module allows you to manually collect asset fingerprints.

All editions

2019-07-31

The feature of container threat detection is supported.

Enterprise

2019-07-26

On the Settings page, notifications can be configured for the following two items: AccessKey pair leak information and cloud security configuration checks.

All editions

2019-07-16

The switch of daily security reports is removed from the Settings page.

All paid editions

2019-06-20

The results of configuration assessment can be exported.

All editions

2019-06-20

The Emergency tab on the Vulnerabilities page is optimized. You can view the progress of urgent vulnerability fixing.

All editions

2019-06-19

The feature of cloud platform best practices is renamed Cloud Platform Configuration Assessment.

All editions

2019-06-19

You can create security reports and specify the report content, data type, and destination email address. This feature helps you obtain the security status data of your assets.

All paid editions

2019-06-16

The Settings page is updated. The logon IP address whitelist is removed from the Settings page.

All editions

2019-06-05

The detection of application vulnerabilities is supported.

Enterprise

2019-05-21

Eighteen check items are added to the cloud platform best practices feature. These check items cover database whitelist configurations, Object Storage Service (OSS) log records, cross-region replication, Server Load Balancer (SLB) whitelist configurations, automatic image configurations of ECS instances, and ECS storage encryption.

All editions

2019-05-21

The feature of web tamper proofing is updated. You can view the overview of your website status. The whitelist and blacklist features are supported.

All paid editions

2019-03-30

Processes can be displayed based on detected vulnerabilities.

All paid editions

2019-03-21

Threat Detection Service is updated to Security Center. The Advanced edition is supported. Security Center has the Basic, Advanced, and Enterprise editions.

All editions

2019-03-21

The log retrieval feature is removed.

All paid editions

Release date

Description

Involved edition

2018-12-28

The attack analysis, access analysis, and threat analysis features are removed.

Enterprise

2018-12-20

In the Basic edition, threat detection is supported only for events of the Unusual Logon and Others-DDoS types. Threat detection in the Enterprise edition is not affected.

Basic

2018-12-15

Attack analysis and tracing are supported.

Enterprise

2018-12-10

Automatic alert correlation analysis is supported.

Enterprise