Identity & Security

Find and fix misconfigurations in your Google Cloud resources

Editor's note: This is the last installment of our six-part blog series on how to use Cloud Security Command Center. There are links to the five previous installments at the end of this post.

When you deploy new Google Cloud services, you need visibility into what’s running and how you can improve their security. If you don’t, your organization might not be aware of risky misconfigurations that leave you susceptible to attacks. 

To help you find misconfigurations, and respond quickly to them, we developed Security Health Analytics, and built it into Cloud Security Command Center (Cloud SCC). Security Health Analytics gives you visibility into misconfigurations in your GCP resources and provides actionable recommendations for how to fix them. In this blog, we’ll take a closer look at Security Health Analytics, and provide a video where you can learn more.

Enabling Security Health Analytics
Since Security Health Analytics is built in to Cloud SCC, to use it you just need to have one of two roles: the Organization Administrator Cloud Identity and Access Management (Cloud IAM) role or the Security Center IAM role. 

Viewing different types of misconfigurations
You can see the Security Health Analytics card—which lists its findings and the types of misconfigurations present in your environment—directly from Vulnerabilities dashboard in Cloud SCC. There is a long list of vulnerabilities Security Health Analytics can identify, including:

  • Firewall rules that are configured to be open to public access

  • Cloud Storage buckets that are publicly accessible

  • Instances configured with public IP addresses

  • Instances with SSL not being enforced

  • Resources where the Web UI isn’t enabled

You can find the full list of potential findings in the documentation.

GCP_security health check.png

Taking action on a misconfiguration
When you click on a finding, you get a short description of the issue, as shown in the diagram below. This description includes the GCP asset or resource impacted, how it was detected, an overview of the issue, and even a step-by-step recommendation on how to fix it.

The recommendation, under the “Remediation” heading, provides a link to the impacted resource. Once there, all you need to do is follow the recommendations and click save.

gcp Remediation.png

Video: Start using Security Health Analytics today 
To see how you can set up Security Health Analytics for your GCP environment, take a look at the video embedded below.