Prevent, detect, and respond to threats
With visibility into what resources are in Google Cloud and their security state, Security Command Center makes it easier for you to prevent, detect, and respond to threats. Identify security misconfigurations in virtual machines, networks, applications, and storage buckets from a centralized dashboard. Take action on them before they can potentially result in business damage or loss. Built-in capabilities can quickly surface suspicious activity in your Cloud Logging security logs or indicate compromised virtual machines. Respond to threats by following actionable recommendations or exporting logs to your SIEM for further investigation.
Prevent threats and meet compliance requirements with visibility and control over your Google Cloud services and data
Security Command Center gives enterprises centralized visibility into their Google Cloud resources across Compute Engine, Kubernetes Engine, and more. Instantly see what assets in your Google Cloud infrastructure are in violation of the CIS Benchmarks and take action. Built-in security analytics and threat intelligence assesses the overall security state and activity of your virtual machines, network, and storage buckets and surfaces vulnerabilities in your applications. These insights can help you take proactive measures to reduce your exposure to risks.
Detect and respond to threats targeting your Google Cloud assets
Security Command Center reveals virtual machines that have been used for malicious purposes. Event Threat Detection uses industry-leading threat intelligence, including Google Safe Browsing, to detect suspicious activity in your Cloud Logging. Reduce the amount of time you spend investigating logs and focus on high-risk events and remediation.
Meet your security needs with a flexible platform
Security Command Center integrates with Google Cloud security tools like Binary Authorization or Phishing Protection. You can also integrate third-party security products from Acalvio, Capsule8, Cavirin, Chef, Check Point CloudGuard Dome9, Cloudflare, CloudQuest, McAfee, Qualys, Redblaze, Redlock by Palo Alto Networks, StackRox, Tenable.io, and Twistlock.
Features and Benefits
Asset discovery and inventory
Discover and view your assets across App Engine, BigQuery, Cloud SQL, Cloud Storage, Compute Engine, Cloud IAM, Google Kubernetes Engine, and more. Review historical discovery scans to identify new, modified, or deleted assets.
Sensitive data discovery
Find out which storage buckets contain sensitive and regulated data using the Cloud DLP API. Help prevent unintended exposure and ensure access is based on need-to-know. The DLP API integrates automatically with Security Command Center.
Web application vulnerability detection
Uncover common vulnerabilities such as cross-site-scripting (XSS), outdated libraries, and more that put your App Engine applications at risk with Web Security Scanner. Web Security Scanner integrates automatically with Security Command Center.
REST API and SIEM
Leverage the Security Command Center REST API for easy integration with your existing security systems and workflows. Export Security Command Center data to Splunk or other SIEMs for further analysis.
Access control monitoring
Native ability to surface the identity and access management policies for your cloud resources. Help ensure the appropriate access control policies are in place and get alerted when policies are misconfigured or unexpectedly change. Forseti, our open source security toolkit for Google Cloud, integrates with Security Command Center.
Anomaly detection from Google
Identify threats such as coin mining, unusual activity, hijacked accounts, compromised machines used for botnets or DDoS attacks, and anomalous data activity with Cloud Anomaly Detection, developed by Google. Cloud Anomaly Detection integrates automatically with Security Command Center.
Automatically scan Cloud Logging security logs for high-profile indicators of compromise with Event Threat Detection and further explore these findings from Security Command Center.
Third-party security tool inputs
Integrate output from your existing security tools into Security Command Center to detect security and compliance policy violations and instance vulnerabilities and threats.
Real-time notifications and remediation
Receive Security Command Center alerts via Gmail, SMS, and Jira with Pub/Sub notification integration. Quickly remediate security alerts by using Pub/Sub events and Cloud Functions.
Integrate Cloud Audit Logs events for Compute Engine, Google Cloud networking, Cloud Storage, Cloud IAM, and Binary Authorization into Security Command Center to help meet regulatory requirements or provide an audit trail while investigating an incident.
Understand the security state of your GCP assets and whether they are compliant. Quickly resolve misconfigurations by clicking directly on the impacted resource and following the proscribed steps on how to fix it. Security Health Analytics integrates automatically with Security Command Center.
Security Command Center gives us unprecedented visibility into the security posture of our VM instances and containerized workloads running within GCP. With this security service, we can quickly review and assess risks across all our GCP assets.Alexander Schuchman, Director of Information Security, Colgate-Palmolive
Meet your security needs with a flexible platform
Cloud Security Command Center integrates with Google Cloud Platform security tools like Binary Authorization or Google Cloud Phishing Protection. You can also integrate third-party security solutions from Acalvio, Capsule8, Cavirin, Chef, Check Point CloudGuard Dome9, Cloudflare, CloudQuest, McAfee, Netskope, Perimeter, Qualys, Reblaze, Redlock by Palo Alto Networks, StackRox, Sysdig, Tenable.io, and Twistlock.
There is no separate charge for using Security Command Center. However, you will be charged if you upload more than 1 GB per day of external findings into Security Command Center. In addition, some Security Command Center detectors, such as Cloud DLP API, charge by usage. Learn more on the DLP API pricing page.