Last week Google announced the availability of the beta release of its Cloud Security Command Center (Cloud SCC). Launched during March 2018 in alpha, Cloud SCC provides enterprise-wide visibility into assets, vulnerabilities, and threats.
The Cloud SCC will help security teams gather data, identify threats, and act on them before they result in any business damage or loss. It also promises to offer deep insight into application and data risk so that companies can quickly mitigate threats to their cloud resources and evaluate the overall health. With Cloud SCC, organisations can view and monitor an inventory of their cloud assets, scan storage systems for sensitive data, detect common web vulnerabilities, and review access rights to the critical resources, all from a single, centralised dashboard.
Cloud SCC gives enterprises consolidated visibility into their cloud assets across App Engine, Cloud Datastore, Cloud DNS, Cloud Load Balancing, Cloud Spanner, Cloud Storage, Compute Engine, Container Registry, Kubernetes Engine, and Virtual Private Cloud. Users can quickly understand the number of projects they have, what resources are deployed, where sensitive data is located, which service accounts have been added or removed, and how firewalls rules are configured. With ongoing discovery scans, enterprises can view asset history to understand exactly what changed in their environment and act on unauthorised modifications.
It provides powerful security insights about the cloud resources. With this tool, security teams can answer questions like “Which cloud storage buckets contain PII?”, “Do I have any buckets that are open to the Internet?” and “Which cloud applications are vulnerable to XSS vulnerabilities?” By applying ongoing security analytics and threat intelligence, enterprises can assess their overall security health in a central dashboard and take immediate action on security risks.
Cloud Security Command Center integrates with Google Cloud Platform security tools like Cloud Security Scanner, the Cloud Data Loss Prevention (DLP) API and third-party security solutions from Cavirin, Chef, and RedLock. Cloud security insights from partner products are aggregated in Cloud Security Command Center and can be fed into existing systems and workflows.
Image courtesy: Sysdig