Google this week announced the availability of several new features for its Google Cloud Platform (GCP) customers, as part of the beta release of its Cloud Security Command Center (Cloud SCC).
Launched in March in alpha, Cloud SCC provides organization-level visibility into assets, vulnerabilities, and threats.
Cloud SCC now includes expanded coverage across Cloud Datastore, Cloud DNS, Cloud Load Balancing, Cloud Spanner, Container Registry, Kubernetes Engine, and Virtual Private Cloud, as well as 13 new Identity and Access Management (IAM) roles for fine grained access control.
Customers also get new examples of how to generate notifications when changes occur; the ability to view and search for new, deleted, and total assets over a specified time period; expanded capabilities to manage asset discovery and expanded client libraries including Java, Node, and Go; self-serve onboarding and partner security sources via GCP Marketplace.
Offering visibility into infrastructure, configuration, application, and data risk, Cloud SCC helps admins address vulnerabilities and mitigate threats. Alerts on security anomalies are also available, along with the ability to scan for sensitive data, detect vulnerabilities, and review access rights.
“[Y]ou can view which Cloud Storage buckets are publicly accessible, identify VMs with public addresses, discover overly permissive firewall rules, and be alerted to instances that may have been compromised to perform coin mining. You can also easily see if users outside of your designated domain, or GCP organization, have access to your resources,” Google explains.
With Cloud SCC, admins get a comprehensive inventory of cloud assets across GCP services such as App Engine, Cloud Datastore, Cloud DNS, Cloud Load Balancing, Cloud Spanner, Cloud Storage, Compute Engine, Container Registry, Kubernetes Engine, and Virtual Private Cloud.
With ongoing discovery scans, Cloud SCC can also show asset history, helping organizations understand what changed in their environment and act on unauthorized modifications. The platform can also generate notifications when changes occur and trigger Cloud Functions from a Cloud SCC query.
In addition to Google Cloud security services such as Data Loss Prevention (DLP) API, Forseti, Cloud Security Scanner, and anomaly detection from Google, Cloud SCC also integrates with third-party solutions from vendors such as Cavirin, Chef, and Redlock, the Internet search giant explains.
Thus, a comprehensive view of risks and threats is available in a single place, but customers also get the ability to jump from the Cloud SCC dashboard directly into these third-party tools, for faster remediation.