Security Compliance
Work together to build security on the cloud
Security on the cloud is a shared responsibility. When enterprises begin to use cloud services, they transfer part of their security responsibilities to the cloud provider. As a cloud service provider, Alibaba Cloud is mainly responsible for the security and compliance of the data center infrastructure and the cloud platform and, depending on the service model, for the security of the virtualization layer and cloud product layer running on the Apsara distributed cloud operating system. Customers are mainly responsible for the security of their own data, applications and accounts.
Cloud platform security compliance
Cloud platform security
From the physical-layer data center and hardware-layer chips, through platform-layer storage, network and computing, up to the upper-layer virtualization execution environment, Alibaba Cloud has built a fully isolated and highly trusted computing environment based on TPM, vTPM and virtualization Enclave technology and on the DPCA security chip, and has layered software and hardware encrypted computing capabilities on top. This provides customers with a secure and reliable platform environment in a variety of scenarios, such as public cloud, hybrid cloud, and edge cloud.
Default immune protection mechanism of cloud platform
On average, Alibaba Cloud's default intrusion immunity mechanism silently performs more than 6 million automated threat disposals every year for users deployed on Alibaba Public Cloud.
Cloud products have their own security attributes
522 core security capabilities are built into 50+ cloud products. When you select Alibaba Cloud's computing, storage and network products, security functions are enabled with one click, with no repeated deployment, and security is not separated from the business.
Operation and maintenance security and supply chain security fully integrated into management
Alibaba Cloud's native security capabilities are fully extended to security operations and maintenance, security development, and supply chain security management, helping enterprises build more secure, controllable, advanced, and intelligent business systems.
Global compliance system
Authoritative recognition
The first L4+ level in China
Cloud native security maturity assessment
The first batch passed the 2022 cloud native technology architecture maturity assessment of the Chinese Academy of Information and Communications
Gartner Certification
Highest single-item security score among global cloud vendors
Gartner AliCloud International IaaS and PaaS Solution Scorecard Report in 2021
Domestic cloud vendors
Grand slam in overall security capability
Gartner Cloud Native Security Capability Assessment Report, Forrester Global IaaS Platform Native Security Capability Report, IDC MarketScape China Cloud Service Provider Security Capability Vendor Assessment (2020)
User Security Compliance Guide
Understanding cloud native security panorama
The security experience pavilion explains the cloud native security concept, helps you quickly understand the atomized, service-oriented security paradigm, and presents Alibaba Cloud's best security practice architecture from a panoramic perspective.
Select appropriate security services
Cloud application traffic security
The traditional boundary has been broken in the cloud, and malicious traffic may exist in both internal and external networks. It is necessary to filter traffic at each node to control access.
Cloud workload security
Virtual machines, containers, serverless and other services that enterprises use on the cloud can all be treated as workloads. They face various security problems and vulnerabilities and need continuous threat detection and security scanning.
Cloud data security
Customers own all of their data on the cloud and are also responsible for its security during storage, use, sharing, updating and so on, including sensitive data identification, data transmission encryption and data access control.
Identity and authority management
Identity management is the cornerstone of cloud security. Building a sound account system and applying capabilities such as the least-privilege principle, multi-factor authentication and SSO is also an important part of building a zero trust architecture.
Landing Zone Enterprise Cloud Framework
Before you migrate your business to Alibaba Cloud, you may have concerns about how to ensure the security and compliance of your business on the cloud, while giving consideration to flexible business organization expansion. Based on a large number of customer practices, we found that reasonable planning before cloud deployment can avoid repeated restructuring of management methods and accelerate large-scale cloud deployment of businesses. Therefore, it is recommended that you first plan a complete enterprise cloud framework from the top level, also known as the Landing Zone, before going to the cloud.
Architecture Excellence - Security Compliance Pillar
Identify internal and external security requirements and regulatory demands of the enterprise, plan and implement network security, identity security, host security, data security, etc. in a cloud environment in an all-round way, and continue to detect and respond quickly to threats.
Data security in AI era
Secure AI System by Confidential Computing
AI technology is developing rapidly. Failure to effectively protect the security of sensitive data and large models may damage an enterprise's intellectual property rights and compliance, adversely affect its reputation and customer relationships, and thus weaken its competitive advantage and revenue. To meet this challenge, Alibaba Cloud, together with the Software Research Institute of the Chinese Academy of Sciences, Nanhu Laboratory, the China Electronics and Information Industry Development Research Institute and other research institutions, jointly released the Research Report on Security of Artificial Intelligence Systems for Secure Computing. The report emphasizes the core concept of "ensuring AI security from system level hardware", reveals the key role of confidential computing technology in maintaining AI system security, and provides an important direction for improving the security level of AI Infra.
Based on the above concept, Alibaba Cloud has launched the Confidential AI solution, which provides an integrated AI security and privacy protection mechanism that runs through the entire life cycle of large model data and covers the end-to-end cloud. Through integration with cloud products and services such as PAI EAS and elastic computing EGS, and by using the encryption and isolation capabilities for cryptographic data provided by confidential computing hardware, the solution greatly improves the security standards of AI Infra and comprehensively safeguards the AI system execution environment.
Large model service data security
Bailian is the large model service platform that Alibaba Cloud provides to users in a unified way. Through the easy-to-use interface and tool chain provided by Bailian, users can quickly build their own large model applications. To deal with complex and changing security risks and challenges, Alibaba Cloud ensures the security of user data throughout its life cycle from multiple dimensions, such as basic security, data security, and security compliance. Alibaba Cloud provides enhanced data security protection capabilities according to the security level requirements of different users, and lets users configure them flexibly and expand on demand.