Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Google Launches Cloud Security Command Center in Beta

Google this week announced the availability of several new features for its Google Cloud Platform (GCP) customers, as part of the beta release of its Cloud Security Command Center (Cloud SCC). 

Google this week announced the availability of several new features for its Google Cloud Platform (GCP) customers, as part of the beta release of its Cloud Security Command Center (Cloud SCC). 

Launched in March in alpha, Cloud SCC provides organization-level visibility into assets, vulnerabilities, and threats.

Cloud SCC now includes expanded coverage across Cloud Datastore, Cloud DNS, Cloud Load Balancing, Cloud Spanner, Container Registry, Kubernetes Engine, and Virtual Private Cloud, as well as 13 new Identity and Access Management (IAM) roles for fine grained access control.

Customers also get new examples of how to generate notifications when changes occur; the ability to view and search for new, deleted, and total assets over a specified time period; expanded capabilities to manage asset discovery and expanded client libraries including Java, Node, and Go; self-serve onboarding and partner security sources via GCP Marketplace.

Offering visibility into infrastructure, configuration, application, and data risk, Cloud SCC helps admins address vulnerabilities and mitigate threats. Alerts on security anomalies are also available, along with the ability to scan for sensitive data, detect vulnerabilities, and review access rights. 

“[Y]ou can view which Cloud Storage buckets are publicly accessible, identify VMs with public addresses, discover overly permissive firewall rules, and be alerted to instances that may have been compromised to perform coin mining. You can also easily see if users outside of your designated domain, or GCP organization, have access to your resources,” Google explains

With Cloud SCC, admins get a comprehensive inventory of cloud assets across GCP services such as App Engine, Cloud Datastore, Cloud DNS, Cloud Load Balancing, Cloud Spanner, Cloud Storage, Compute Engine, Container Registry, Kubernetes Engine, and Virtual Private Cloud. 

With ongoing discovery scans, Cloud SCC can also show asset history, helping organizations understand what changed in their environment and act on unauthorized modifications. The platform can also generate notifications when changes occur and trigger Cloud Functions from a Cloud SCC query. 

In addition to Google Cloud security services such as Data Loss Prevention (DLP) API, Forseti, Cloud Security Scanner, and anomaly detection from Google, Cloud SCC also integrates with third-party solutions from vendors such as Cavirin, Chef, and Redlock, the Internet search giant explains. 

Thus, a comprehensive view of risks and threats is available in a single place, but customers also get the ability to jump from the Cloud SCC dashboard directly into these third-party tools, for faster remediation. 

Related: Google Hardens Cloud Workloads With Shielded VMs

Related: Google Announces New Security Tools for Cloud Customers

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cloud Security

Orca Security published details on four server-side request forgery (SSRF) vulnerabilities impacting different Azure services.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cloud Security

Cloud Disaster Recovery - Ingredients for a Recipe that Saves Money and Offers a Safe, More Secure Situation with Greater Accessibility

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...