Security Command Center は、 Google Cloud や他のクラウド プロバイダ全体のセキュリティ リスクの防止、検出、対応に役立ちます。Security Command Center を有効にすると、 Google Cloud コンソールを使用して、Compute Engine リソースに影響する優先度の高いセキュリティ リスクを確認できます。
このドキュメントでは、Security Command Center を有効にして、Compute Engine リソースに提供されるダッシュボードを表示する方法について説明します。
Security Command Center を有効にする
Security Command Center で Compute Engine リソースを分析するには、Security Command Center を有効にする必要があります。このセクションでは、Security Command Center が提供するサービスティアと、プロジェクトでスタンダード ティアまたはプレミアム ティアを有効にする方法について説明します。
サービスティア
Security Command Center を有効にするときに、有効にするサービスティアを選択します。
スタンダード。リスクと構成ミスに対する基本的なスキャンを有効にします。 Google Cloud リソースに適用されます。
プレミアム。リスク、脆弱性、構成ミスの強化されたスキャン、セキュリティ対策の管理、攻撃パス、脅威の検出、コンプライアンス モニタリングを提供します。 Google Cloud リソースに適用されます。
エンタープライズ。自動化されたケース管理と修復ハンドブックを含む、包括的なクラウドネイティブ アプリケーション保護プラットフォーム(CNAPP)ソリューションを提供します。 Google Cloud リソースと、他のクラウド プロバイダがホストするリソースに適用されます。
[[["わかりやすい","easyToUnderstand","thumb-up"],["問題の解決に役立った","solvedMyProblem","thumb-up"],["その他","otherUp","thumb-up"]],[["わかりにくい","hardToUnderstand","thumb-down"],["情報またはサンプルコードが不正確","incorrectInformationOrSampleCode","thumb-down"],["必要な情報 / サンプルがない","missingTheInformationSamplesINeed","thumb-down"],["翻訳に関する問題","translationIssue","thumb-down"],["その他","otherDown","thumb-down"]],["最終更新日 2025-09-03 UTC。"],[],[],null,["# Monitor security risks with Security Command Center\n\n[Security Command Center](/security-command-center/docs/security-command-center-overview)\nhelps you prevent, detect, and respond to security risks across Google Cloud and other cloud\nproviders. When you enable Security Command Center, you can use the Google Cloud console to view the\nhighest-priority security risks that affect your\nCompute Engine resources.\n\n\nThis document explains how to activate Security Command Center and view the dashboard that it\nprovides for your Compute Engine resources.\n\nActivate Security Command Center\n--------------------------------\n\n\nTo analyze your Compute Engine resources with Security Command Center, you must\n[activate Security Command Center](/security-command-center/docs/activate-scc-overview).\nThis section explains the service tiers that Security Command Center offers and explains how to\nactivate the Standard or Premium tier in your project.\n\n### Service tiers\n\n\nWhen you activate Security Command Center, you choose which\n[service tier](/security-command-center/docs/service-tiers) to activate:\n\n- **Standard**. Enables basic scanning for risks and misconfigurations. Applies to your Google Cloud resources.\n- **Premium**. Provides enhanced scanning for risks, vulnerabilities, and misconfigurations, as well as security posture management, attack paths, threat detection, and compliance monitoring. Applies to your Google Cloud resources.\n- **Enterprise**. Offers a complete cloud-native application protection platform (CNAPP) solution, including automated case management and remediation playbooks. Applies to your Google Cloud resources, as well as resources hosted by other cloud providers.\n\n\nYou can use the Standard tier at no additional charge. To learn about pricing for the Premium\nand Enterprise tiers, see [Security Command Center\npricing](/security-command-center/pricing).\n| **Note** : This page explains how to activate the Standard or Premium service tier for your project. Some Security Command Center features require you to [activate the Enterprise\n| tier](/security-command-center/docs/activate-enterprise-tier) or [activate the Standard\n| or Premium tier](/security-command-center/docs/activate-scc-for-an-organization) for your entire organization.\n\n### Activate Security Command Center in your project\n\n\nTo activate the Security Command Center Standard or Premium tier in your project, do the following:\n\n1. In the Google Cloud console, go to **Compute Engine Overview**.\n\n [Go to Compute Engine Overview](https://console.cloud.google.com/projectselector2/compute/overview?supportedpurview=project)\n2.\n Look for a pane titled **Sample security findings**.\n\n\n This pane shows examples of the types of security findings that you might see after you\n enable Security Command Center. These examples don't represent actual security issues in your\n project.\n\n\n If you see a pane titled **Top security findings**, then\n Security Command Center is already activated. You can skip the remaining steps.\n3. In the **Sample security findings** pane, click **Turn on security scanning for\n free**. The activation pane opens.\n4. Optional: To choose a different service tier, find the service tier that you want to enable, and then click **Select** for that tier.\n5. Click **Enable**.\n\n\nAfter you activate Security Command Center, it starts to analyze, or scan, your resources for\nCompute Engine and other Google Cloud services. This initial scan is\n[usually\ncomplete within minutes or hours](/security-command-center/docs/concepts-scan-latency-overview#scan_latency).\n\nReview high-priority security risks\n-----------------------------------\n\n\nAfter Security Command Center\n[completes\nan initial scan](/security-command-center/docs/concepts-scan-latency-overview#scan_latency) of your Compute Engine resources, you can review high-priority\n*findings* for your resources in the Google Cloud console. Each finding represents a\nsecurity risk.\n\n\nTo review high-priority findings for your Compute Engine resources, do the following:\n\n1.\n In the Google Cloud console, go to **Compute Engine Overview**.\n\n [Go to Compute Engine Overview](https://console.cloud.google.com/projectselector2/compute/overview?supportedpurview=project)\n2.\n Find the **Top security findings** pane. This pane lists the most important types of\n findings that affect your Compute Engine resources.\n\n - To view the high-priority findings in each category, click the name of the category.\n - To view all of your findings, click arrow_forward **View all findings**.\n\nGet an overview of other risks\n------------------------------\n\n\nIn addition to an [overview of high-priority risks](#high-priority-risks), you can\nuse the Google Cloud console to view other types of security risks that affect your\nCompute Engine resources.\n\n\nTo get an overview of these additional risks, in the Google Cloud console, go to\n**Security Risk Overview**.\n\n[Go to Security Risk Overview](https://console.cloud.google.com/projectselector2/compute/security?supportedpurview=project)\n\n\nThis page shows the following information:\n\nTop security findings\n\n:\n This table lists the most important types of findings that affect your Compute Engine resources.\n\nAll vulnerability findings over time\n\n:\n This chart shows the total number of Security Command Center findings over time for your Compute Engine instances. Findings are categorized by severity.\n\n\n To change the date range, click the list, and then select a new value.\n\nTop CVE findings on your virtual machines\n\n:\n This heatmap shows the number of Common Vulnerabilities and Exposures (CVEs) that affect your Compute Engine instances, grouped by the potential impact and exploitability of each CVE.\n\nTop CVE findings\n\n:\n This table lists the most severe CVEs that affect your Compute Engine instances, including the exploitability and impact of each CVE.\n\nBoost your security knowledge\n\n:\n This pane provides links to more information about Security Command Center and strategies for mitigating vulnerabilities.\n\n\nTo get more details, click the links in each pane.\n\nWhat's next\n-----------\n\n- [Security Command Center\n overview](/security-command-center/docs/security-command-center-overview)\n- [Security Command Center service tiers](/security-command-center/docs/service-tiers)\n- [Security Command Center pricing](/security-command-center/pricing)"]]