Google Cloud Security Command Center has entered its beta phase with improvements such as new IAM roles for fine-grained access control, additional view and search filters, and expanded coverage across GCP services.
Cloud Security Command Center (Cloud SCC) was introduced in March 2018 to give admins a way to keep an eye on the security status of the cloud assets used in a company and to assess security risks and vulnerabilities. Before monitoring can start, the tool has to run an asset discovery process. The GCP services it takes into account can now include App Engine, Virtual Private Cloud, Cloud Spanner, Cloud Storage, Cloud Load Balancing, Container Registry, and Kubernetes Engine.
Unwanted changes to inventoried cloud services and resources as well as risky areas of an environment are identified by SCC and fed into a dashboard and data platform. Relevant security information is centrally compiled and available in one place.
Since not everyone will want to keep checking another dashboard, the center also offers ways to generate notifications when changes occur or to configure automatic actions for certain triggers. If, for example, the platform identifies that resources that should be private, such as storage, are publicly available, an automatic response could be to change the access settings.
To give a better idea of how to use this automation, new features in the beta release include examples of how to generate notifications and trigger Cloud Functions from Cloud SCC queries. Other than that, the capabilities to manage asset discovery as well as the client libraries for Java, Node, and Go have been expanded. There are now also filters in place that let you view and search new, deleted, and total assets over a given time period.
Cloud SCC can be combined with a number of Google Cloud security tools and is available via the GCP Marketplace. It is, for example, able to work with the company’s data loss prevention API, anomaly detection, and the cloud security scanner.
Integration with external tooling is supposed to be possible as well: one of the launch partners of the current release is Chef Automate. When combined with SCC, it can send InSpec’s scan data to the command center, where the data is then integrated into the findings view of the dashboard mentioned above.