Security Check
Continuously scan hosts and containers against built-in and custom compliance rules to catch misconfigurations before they become risks.
Pay-As-You-Go
$0.09
per GB scanned (compressed), per day*
- Official Rule Library
Hundreds of built-in checks covering host, container, network, storage, and system-level configuration baselines. - Custom Rule Development
Extend detection with Lua-based custom rules and a built-in standard library for organization-specific policies. - Security Check Explorer
Browse and investigate scan results in a dedicated explorer view, with generated metrics for trend analysis. - Multi-end Output
Forward scan results to DataKit or Alibaba Cloud Logs for downstream processing and integration.
*Billed daily, the cost is based on the compressed size of data scanned.
Multi-Year/Volume Discounts Available
Common Questions
- What does Security Check scan for?
- Security Check scans hosts and containers against built-in rules covering system configuration, user and access changes, network exposure, storage settings, and container security—similar in concept to a CIS benchmark scan.
- Can I write my own detection rules?
- Yes, Security Check supports custom rule development in Lua, backed by a built-in standard library, so you can extend detection beyond the official rule library for your organization's specific policies.
- How is "GB scanned" calculated?
- Billing is based on the compressed size of the data scanned each day, not the raw uncompressed size.
- Where can I see scan results?
- Results are available in the Security Check Explorer, and can also be converted into metrics or forwarded to DataKit or Alibaba Cloud Logs for further analysis.

