After AWS Security Hub, Google Introduces Beta Release of Cloud Security Command Center (SCC)

After AWS Security Hub, Google Introduces Beta release of Cloud Security Command Center

Google announced the availability of several new features for its Google Cloud Platform (GCP) customers, as part of the beta release of its Cloud Security Command Center (Cloud SCC).

Google Cloud Security Command Center (Cloud SCC) has entered into Beta phase and available to all GCP customers.

This recent announcement was followed after the biggest cloud vendor AWS announced its Security Hub solution and onboarding of major security players. Notably, the alpha release of Cloud Security Command Center was announced in March 2018.

The beta release of Cloud SCC now give insights into the inventory of GCP services such as App Engine, Cloud Datastore, Cloud DNS, Cloud Load Balancing, Cloud Spanner, Cloud Storage, Compute Engine, Container Registry, Kubernetes Engine, and Virtual Private Cloud along with an inventory of your service accounts. In addition, 13 IAM roles added for fine-grained access control.

Other capabilities include the ability to view and search for new, deleted, and total assets over a time period along with new kind of notifications when changes occur.

The notifications can help trigger Cloud Functions from a Cloud SCC query such as policy changes on a network firewall and then restore it back to a secure state, and detect when a Cloud Storage bucket becomes publicly accessible and then revert back to private access. A new set of client libraries including Java, Node, and Go are also made available.

Google Cloud Security Command Center integrates with Google Cloud security services such as Data Loss Prevention (DLP) API, Forseti, Cloud Security Scanner, and anomaly detection from Google as well as with third-party cloud security solutions from vendors such as Cavirin, Chef, and Redlock is also available in beta release.

SCC can uncover security risks and vulnerabilities. According to the blog post by Senior Product Manager, Google Cloud, Andy Chang, "you can view which Cloud Storage buckets are publicly accessible, identify VMs with public addresses, discover overly permissive firewall rules, and be alerted to instances that may have been compromised to perform coin mining. You can also easily see if users outside of your designated domain, or GCP organization, have access to your resources."

Director Information Security, Colgate-Palmolive, Alexander Schuchman, said, "Cloud Security Command Center gives us unprecedented visibility into the security posture of our VM instances and containerized workloads running within GCP. With this security service, we can quickly review and assess risks across all our GCP assets."

Cloud SCC performs regular discovery scans and helps GCP admins to act on policy violations or alerts. Now it is possible to view, monitor and observe an inventory of your cloud assets as well as security anomalies and help protect sensitive data from a single centralized data platform and dashboard

Google Cloud SCC can be accessed here.


Note: We at TechSutram take our ethics very seriously. More information about it can be found here.
Mandar Pise Opinions expressed by techsutram contributors are their own. More details

Mandar is a seasoned software professional for more than a decade. He is Cloud, AI, IoT, Blockchain and Fintech enthusiast. He writes to benefit others from his experiences. His overall goal is to help people learn about the Cloud, AI, IoT, Blockchain and Fintech and the effects they will have economically and socially in the future.

No comments:

Post a Comment

    Your valuable comments are welcome. (Moderated)