Release notes-Data Security Center(DSC)-阿里云帮助中心

This page lists updates to the features, identification templates, and documentation for Data Security Center (DSC).

Release notes

April 2025

Feature name	Change type	Description	Release date	Related documents
purchase	iteration	The Advanced Edition is now available. Specifications for the Enterprise Edition have been updated. Existing Enterprise Edition customers are unaffected.	2025-04-11	Billing Purchase Data Security Center

March 2025

Feature	Change type	Description	Date	Related documents
Column encryption	Enhancement	ApsaraDB RDS for MySQL now integrates with Key Management Service (KMS), enabling encryption with KMS-managed keys. ApsaraDB RDS for MySQL 8.0 now supports the AES-256-GCM encryption algorithm.	2025.03.31	Column encryption
Data auditing	Enhancement	Optimized the architecture of custom audit rules.	2025.03.26	Configure and enable audit alert rules
Column encryption	Enhancement	Updated supported encryption algorithms. ApsaraDB RDS for MySQL 5.7 now supports the AES-256-GCM encryption algorithm. ApsaraDB RDS for PostgreSQL 16 supports only the AES-256-GCM encryption algorithm.	2025.03.19	Column encryption

February 2025

Feature name	Change type	Description	Release date	Related documentation
column encryption	Enhancement	Adds support for PostgreSQL 16.	2025.02.28	column encryption

January 2025

Feature name	Change type	Description	Release date	Related documentation
Data audit	Enhancement	Data audit now integrates with data discovery, letting you view sensitive data patterns found in risk detection alert events.	2025.01.15	View and process audit alerts

Change history

2024

Feature name	Change type	Description	Release date	Related documents
Purchase	Iteration	The Basic Edition is no longer available for new purchases. Existing customers are not affected.	2024.12.30	Basic Edition (Discontinued)
Data detection and response	Iteration	Data Security Center (DSC) now features database leakage detection. DSC can scan authorized Object Storage Service (OSS) buckets for publicly exposed credentials, such as connection strings, ports, usernames, and passwords, to identify compromised accounts and instances. It also tracks risky access from leaked accounts, custom intelligence lists, or threat intelligence sources, and generates access alerts.	2024.12.11	Data leakage detection
Column-level encryption	Iteration	The column-level encryption feature now supports PolarDB for MySQL.	2024.12.04	Column-level encryption
Asset authorization	Iteration	You can now authorize Simple Log Service (SLS) as a data asset.	2024.11.05	Billing details Authorize unstructured data assets (OSS and SLS)
Sensitive data discovery	Iteration	Sensitive data discovery now supports Simple Log Service (SLS).	2024.11.05	Scan for sensitive data by using a discovery task
Column-level encryption	Iteration	This feature is now billed as a value-added service.	2024.10.14	Billing details Purchase Data Security Center
Value-added service billing	Iteration	When you purchase only value-added services, data audit and sensitive data discovery are enabled and billed as value-added services.	2024.10.14	Billing details Purchase Data Security Center
Data detection and response: OSS leakage (access key scenario)	Iteration	This update introduces the access traceability graph feature. This graph visually maps access paths to OSS files, helping you track and analyze complex data access relationships.	2024.09.24	Access traceability graph for OSS files
OSS image desensitization	Iteration	Added support for desensitizing images that contain license plate information (Chinese mainland). Added support for desensitizing license plate numbers and faces.	2024.09.24	OSS image desensitization
Column-level encryption	New	This release introduces the column-level encryption service. This service encrypts sensitive data columns in RDS database tables discovered by DSC. As a result, unauthorized users cannot view plaintext sensitive data on the Alibaba Cloud console or database client tools, ensuring that data is usable but not visible within the database.	2024.09.20	Column-level encryption
Multi-account management	Iteration	This update introduces hierarchical management for member accounts. Delegated administrators can now use RAM users to manage specified member accounts hierarchically based on the RDPath of folders in Resource Directory.	2024.09.12	Multi-account management
Data audit and audit alerts	Iteration	The DSC console has been optimized by merging the configurations for audit modes and audit alert rules.	2024.09.09	Cloud-native data audit
Log management	Iteration	The DSC console has been optimized by consolidating log analysis and log storage under Log management.	2024.09.09	Log analysis
Data Security Center Free Edition	New	The Free Edition of Data Security Center (DSC) is now generally available. It provides features such as baseline checks and data classification and grading.	2024.08.21	Activate Data Security Center Free Edition
OSS image desensitization	New	You can now scan specified buckets for images that contain ID card information and mask the ID numbers with gray rectangular bars.	2024.07.31	OSS image desensitization
Data detection and response	Iteration	This feature now detects and responds to access keys stored as plaintext in private buckets and objects.	2024.07.29	Data leakage detection
Data detection and response	Iteration	The Self-managed Intelligence feature for access keys has been optimized. You can now batch import and manage access key IDs in the Intelligence Management module.	2024.07.22	Risk overview and custom intelligence
Supported regions	Iteration	Support is now available in the following regions: Singapore (Singapore), Malaysia (Kuala Lumpur), and Indonesia (Jakarta).	2024.07.11	Supported regions
Data detection and response	New	DSC now detects leaked access keys of Alibaba Cloud accounts and RAM users exposed on public code repositories like GitHub or in public Object Storage Service (OSS) buckets. After detection, DSC tracks risky activities from these leaked keys or from keys in your custom intelligence list, and then generates corresponding access alerts.	2024.06.28	Data leakage detection
Anomaly detection model	Iteration	The anomaly detection model now provides machine learning-based alerts for anomalous OSS access behavior.	2024.05.22	Built-in detection models
Multi-account management	New	Data Security Center (DSC) now supports connecting different accounts through Resource Directory to centrally manage and aggregate cloud-native data assets.	2024.04.30	Multi-account management
Sensitive data discovery	Iteration	The data classification and grading feature is enhanced with new identification rules. It now identifies a broader range of data types, including Hong Kong (China) passports, Mainland Travel Permits for Hong Kong and Macao Residents, Alipay nicknames, Alipay accounts, policy numbers, MYbank IDs, Zhima IDs, and Zhima Credit scores.	2024.04.29	Supported sensitive data types
Allowlist	Iteration	Allowlist rules now apply to both audit and anomaly alerts, preventing matched behaviors from triggering them.	2024.04.18	Manage allowlists

2023

Feature name	Change type	Description	Release date	Related documents
Data export	New	Monitors data exports via OSS and API. It inventories exported personal information and sensitive personal information to help you determine whether you need to file a data export declaration.	2023.11.27	Data export monitoring
Report Center	New	Adds 15 new reports across five categories, including compliance analysis, security operations analysis, and performance analysis.	2023.09.12	View reports
Supported regions	New	Now supports the China (Chengdu) region.	2023.08.10	Supported regions
Data audit	New	Introduces the Log Storage Management module for managing log storage space, log archiving, and storage expansion.	2023.04.28	Manage log storage
Sensitive data detection	Enhancement	Adds the data tag feature. Based on the data classification and categorization results from an industry template, you can view general tags for sensitive data, such as personal information and sensitive personal information.	2023.03.10	View sensitive data detection results

2022

Feature	Type	Description	Date	Documentation
asset center	iteration	Automatically discovers and displays cloud data assets by type. Automates connections to data assets using one-click and batch authorization to improve the efficiency of data security management. Lets you partition data asset management by data domain.	2022-11-01	general database authorization
report center	iteration	Supports Data Security Law reports.	2022-03-28	view reports

2021

Feature name	Change type	Description	Release date	Related documents
watermark extraction	Iteration	Data Security Center now supports watermark extraction. You can embed a blind watermark into a database. In the event of a data leak, you can use this feature to trace the source.	2021-05-11	Configure and perform data desensitization
data audit	Iteration	Data Security Center now supports cloud-native data audit for Redis and MongoDB.	2021-04-23	Supported data asset types
report center	New	The report center is now available in Data Security Center. It supports reports for comprehensive analysis and Multi-Level Protection Scheme (MLPS) analysis.	2021-04-06	View reports
allowlist	New	You can add IP addresses or accounts to an allowlist to prevent their audit and anomaly events from triggering alerts.	2021-03-15	Manage allowlists
email report	New	Data Security Center now supports email reports.	2021-03-09	Configure email, SMS, and phone alert notifications
product name change	Iteration	Sensitive Data Protection is now named Data Security Center.	2021-01-28	Product name change announcement
sensitive data detection	Iteration	Data Security Center now supports sensitive data detection in RDS-PPAS and RDS MariaDB.	2021-01-19	Supported data asset types
sensitive data detection	Iteration	Data Security Center can now detect additional sensitive information types, including Linux-Passwd files, Linux-Shadow files, URLs, and English names.	2021-01-13	Supported sensitive data types
anomaly alert	Iteration	You can now detect anomalous behavior on RDS accounts, such as using weak passwords and consecutive failed login attempts.	2021-01-06	Description of built-in detection models
asset authorization	Iteration	You can now automatically authorize assets in batches by importing their passwords.	2021-01-05	General database authorization

2020

Feature name	Change type	Description	Release date	Related documentation
system settings	New	You can now send weekly and monthly reports with charts summarizing asset risks, such as sensitive data identification results and data audit alerts.	2020-12-25	Configure Email Reports
data masking	Iteration	Data masking now supports RDS PostgreSQL.	2020-12-17	Configure and Perform Data Masking
sensitive data identification	Iteration	Sensitive data identification now supports AnalyticDB.	2020-12-15	Scan for Sensitive Data by Using Discovery Tasks
data masking	Iteration	Data masking now supports PolarDB-X.	2020-12-15	Configure and Perform Data Masking
data audit	Iteration	This update adds built-in audit rules for RDS and MaxCompute to audit anomalous events and behaviors. MaxCompute now supports SQL audit.	2020-11-27	Configure and Enable Audit Mode
data masking	Iteration	You can now set the same database as both the source and destination for data masking.	2020-11-25	Configure and Perform Data Masking
data masking	Iteration	You can now mask an entire database. You can now generate SQL statements after masking sensitive data.	2020-11-18	Configure and Perform Data Masking
data audit	Iteration	Sensitive data identification and data audit now support RDS PostgreSQL.	2020-11-18	Configure and Enable Audit Mode
sensitive data identification	Iteration		2020-11-18	Scan for Sensitive Data by Using Discovery Tasks
sensitive data identification	Iteration	You can now create custom sensitive data identification rules based on database column names and regular expressions.	2020-10-28	View and Configure Discovery Templates
data audit	Iteration	Sensitive data identification and data audit now support OceanBase.	2020-09-08	Configure and enable audit mode
sensitive data identification	Iteration		2020-09-08	Scan for Sensitive Data by Using Discovery Tasks
sensitive data identification	Iteration	You can now use OCR technology to identify sensitive information in images.	2020-07-16	Scan for Sensitive Data by Using Discovery Tasks
data masking	Iteration	Data masking now supports OSS objects.	2020-01-20	Configure and Perform Data Masking
sensitive data identification	Iteration	Sensitive data identification now supports self-managed databases.	2020-01-20	Scan for Sensitive Data by Using Discovery Tasks
data masking	Iteration	Sensitive data identification, data audit, and data masking now support PolarDB and PolarDB-X.	2020-01-18	Configure and Perform Data Masking
data audit	Iteration			Configure and Enable Audit Mode
sensitive data identification	Iteration			Scan for Sensitive Data by Using Discovery Tasks

2019

Feature	Change type	Description	Release date	Related documentation
data desensitization	Enhancement	Enhanced the data desensitization feature: Enables data desensitization for tables without a primary key. Enables reusing desensitization rules across different databases. Enables data desensitization for RDS SQL Server.	2019.12.26	Configure and perform data desensitization
sensitive data discovery	Enhancement	You can now view asset statuses and sensitive data discovery results in a list, and export them.	2019.11.21	View sensitive data discovery results
Billing	Enhancement	Added support for the pay-as-you-go billing method and adjusted billing units.	2019.10.17	Billing overview
Sensitive Data Protection	New	The commercial edition of Sensitive Data Protection is now generally available.	2019.07.04	What is Data Security Center?
data desensitization	New	Introduced the static data desensitization feature.	2019.06.27	Configure and perform data desensitization

2018

Feature name	Change type	Description	Release date	Related documentation
Sensitive Data Protection	New	Launched the public preview of Sensitive Data Protection.	2018-09-01	Data Security Center overview

Identification template update history

In DSC, identification templates are collections of sensitive data classification rules tailored to specific industry standards. These templates help you automatically verify that your sensitive data meets compliance requirements. For information about the built-in identification templates, see Legacy industry-specific templates (deprecated).

2024

Template name	Updates	Release date
General identification template	Added 6 identification features and 5 identification models.	July 2024
Financial industry data classification template	Added 1 identification feature and updated 1 identification model.	June 2024
Internet industry data classification template	Added 1 identification feature and updated 1 identification model.	June 2024
General identification template	Added 1 identification feature and 1 identification model.	May 2024
Financial industry data classification template	Added 5 identification features and 5 identification models.	May 2024
General identification template	Added 6 identification features and 6 identification models.	April 2024
Financial industry data classification template	Added 6 identification features and 3 identification models.	April 2024
General identification template	Added 17 identification features and 16 identification models.	March 2024
Financial industry data classification template	Added 13 identification features and 6 identification models.	March 2024
General identification template	Added 4 identification features and 4 identification models.	February 2024
General identification template	Added 4 identification features and 4 identification models.	January 2024

2023

Template name	Updates	Release date
General identification template	Added 9 identification features and 5 identification models.	December 2023
General identification template	Added 35 identification features and 21 identification models.	November 2023
Internet of Vehicles (IoV) data classification template	Added 23 identification features and 23 identification models.
Internet industry data classification template	Added 2 identification features and 2 identification models.
General identification template	Added 8 identification features and 6 identification models.	October 2023
General identification template	Added 124 identification models.	Before October 2023
Internet of Vehicles (IoV) data classification template	Added 135 identification models.
Power industry data classification template	Added 64 identification models.
Internet industry data classification template	Added 54 identification models.
Financial industry data classification template	Added 331 identification models.