Enable Malicious Behavior Defense


Risk Level: Medium (should be achieved)

Ensure that the Malicious Behavior Defense feature is enabled in the Security Center settings in order to automatically detect and block common viruses, trojans, mining programs, and ransomware. Once enabled, the Malicious Behavior Defense security feature applies protection for all your servers. The feature is available on the Anti-virus Edition, Advanced, Enterprise Edition, and Ultimate plans.

Security

Enable the Malicious Behavior Defense feature in Alibaba Cloud Security Center for automatic protection against common threats like ransomware, webshells, and malware. It scans processes, detects suspicious behavior, and blocks harmful programs such as common viruses, minimizing damage and saving you time.


Audit

To determine if Malicious Behavior Defense is enabled in the Security Center settings, perform the following operations:

Getting the Malicious Behavior Defense feature status via Alibaba Cloud CLI (aliyun) is not currently supported.

Using Alibaba Cloud Console

01 Sign in to your Alibaba Cloud account.

02 Navigate to the Security Center console at https://yundun.console.aliyun.com/?p=sas#/overview/home.

03 In the top navigation bar, select the region where your servers reside (China or Outside China).

04 In the left navigation panel, under System Configuration, choose Feature Settings.

05 Choose the Settings tab, select Host Protection Settings, and check the Malicious Host Behavior Prevention setting status to determine if the Malicious Behavior Defense feature is enabled for your servers. If the Malicious Host Behavior Prevention setting is disabled, the Malicious Behavior Defense security feature is not enabled for your Alibaba Cloud account.

Remediation / Resolution

To ensure that the Malicious Behavior Defense security feature is enabled within your Alibaba Cloud account, perform the following operations:

Enabling the Malicious Behavior Defense feature via Alibaba Cloud CLI (aliyun) is not currently supported.

Using Alibaba Cloud Console

01 Sign in to your Alibaba Cloud account.

02 Navigate to the Security Center console at https://yundun.console.aliyun.com/?p=sas#/overview/home.

03 In the top navigation bar, select the region where your servers reside (China or Outside China).

04 In the left navigation panel, under System Configuration, choose Feature Settings.

05 Choose the Settings tab, select Host Protection Settings, and turn on the Malicious Host Behavior Prevention setting to enable the Malicious Behavior Defense feature for all your servers.

06 If your current Security Center plan does not support the feature, you must upgrade your plan to Anti-virus Edition, Advanced, Enterprise Edition, or Ultimate. On the Select a product version panel, select the Basic Services tab, and choose the necessary plan for upgrade. On the selected plan page you can configure quotas, advanced features, or auto-renewal settings. Once all the necessary settings are configured, select Buy Now, agree to terms and conditions, and choose Pay to finish the payment and upgrade your Security Center plan.


Publication date Apr 30, 2024