Cloud Security Command Center

A comprehensive security management and data risk platform for GCP.

Prevent, detect, and respond to threats

Prevent, detect, and respond to threats

With visibility into what assets are in Google Cloud Platform and their security state, Cloud Security Command Center makes it easier for you to prevent, detect, and respond to threats. Identify misconfigurations in virtual machines, networks, applications, and storage from a single pane of glass and act on them before they result in business damage or loss. Built-in threat detectors can quickly surface suspicious activity in your Stackdriver security logs or compromised virtual machines. Quickly respond to threats by following actionable recommendations or exporting data to your SIEM.

Prevent threats with visibility

Prevent threats with visibility and control over your cloud data and services

Cloud Security Command Center gives enterprises centralized visibility into their cloud assets across App Engine, Compute Engine, and more. Built-in security analytics and threat intelligence assesses your overall security state and activity of your virtual machines, network, and storage and surfaces vulnerabilities in your applications. These insights can help you take preventative actions to reduce your exposure to threats.

Detect and respond to threats

Detect and respond to threats targeting your Google Cloud Platform assets

Cloud Security Command Center reveals virtual machines that have been used for malicious purposes. Event Threat Detection uses industry-leading threat intelligence, including Google Safe Browsing, to detect suspicious activity in your Stackdriver logs. In just a few clicks, you can identify high-risk incidents and focus on remediation.

Meet your security needs with a flexible platform

Cloud Security Command Center integrates with Google Cloud Platform security tools like Binary Authorization or Google Cloud Phishing Protection. You can also integrate third-party security solutions from Acalvio, Capsule8, Cavirin, Chef, Check Point CloudGuard Dome9, Cloudflare, CloudQuest, McAfee, Qualys, Reblaze, RedLock by Palo Alto Networks, StackRox,, and Twistlock.

Acalvio logo
Capsule logo
Cavirin logo
Chef logo
Cloudflare logo
Cloudguard logo
Cloudquest logo
Mcafee logo
Reblaze logo
Redlock logo
Stackrox logo
Tenable logo
Twistlock logo


Asset discovery and inventory

Discover and view your assets across App Engine, BigQuery, Cloud SQL, Cloud Storage, Compute Engine, Cloud IAM, Kubernetes Engine, and more. Review historical discovery scans to identify new, modified, or deleted assets.

Sensitive data discovery

Find out which storage buckets contain sensitive and regulated data using the Cloud DLP API. Help prevent unintended exposure and ensure access is based on need-to-know. The DLP API integrates automatically with Cloud Security Command Center.

Application vulnerability detection

Uncover common vulnerabilities such as cross-site-scripting (XSS), outdated libraries, and more that put your App Engine applications at risk with Cloud Security Scanner. Cloud Security Scanner integrates automatically with Cloud Security Command Center.


Leverage the Cloud Security Command Center REST API for easy integration with your existing security systems and workflows. Export Cloud Security Command Center data to Splunk or other SIEMs for further analysis.

Access control monitoring

Native ability to surface the identity and access management policies for your cloud resources. Help ensure the appropriate access control policies are in place and get alerted when policies are misconfigured or unexpectedly change. Forseti, our open source security toolkit for Google Cloud Platform, integrates with Cloud Security Command Center.

Anomaly detection from Google

Identify threats such as coin mining, unusual activity, hijacked accounts, compromised machines used for botnets or DDoS attacks, and anomalous data activity with Cloud Anomaly Detection, developed by Google. Cloud Anomaly Detection integrates automatically with Cloud Security Command Center.

Threat detection

Automatically scan Stackdriver security logs for high-profile indicators of compromise with Event Threat Detection and further explore these findings from Cloud Security Command Center.

Third-party security tool inputs

Integrate output from your existing security tools into Cloud Security Command Center to detect security and compliance policy violations and instance vulnerabilities and threats.

Real-time notifications and remediation

Receive Cloud Security Command Center alerts via Gmail, SMS, and Jira with Cloud Pub/Sub notification integration. Quickly remediate security alerts by using Cloud Pub/Sub events and Cloud Functions.

Audit logs

Integrate Cloud Audit Logging events for Compute Engine, Google Cloud networking, Cloud Storage, Cloud IAM, and Binary Authorization into Cloud Security Command Center to help meet regulatory requirements or provide an audit trail while investigating an incident.


There is no separate charge for using Cloud Security Command Center. However, you will be charged if you upload more than 1 GB per day of external findings into Cloud Security Command Center. In addition, some Cloud Security Command Center detectors, such as Cloud DLP API, charge by usage. Learn more on the DLP API pricing page.


Google Cloud

Get started

Cloud Security Command Center

Prevent, detect, and respond to threats with GCP’s comprehensive security management and data risk platform.

Send feedback about...

Cloud Security Command Center