Cloud Security Command Center ALPHA

A comprehensive security and data risk platform for GCP

Request Access View Documentation

Actionable security insights

Cloud Security Command Center helps security teams gather data, identify threats, and act on them before they result in business damage or loss. It offers deep insight into application and data risk so that you can quickly mitigate threats to your cloud resources and evaluate overall health. With Cloud Security Command Center, you can view and monitor an inventory of your cloud assets, scan storage systems for sensitive data, detect common web vulnerabilities, and review access rights to your critical resources, all from a single, centralized dashboard.

Gain visibility into your cloud data and services

Cloud Security Command Center gives enterprises consolidated visibility into their cloud assets across App Engine, Compute Engine, Cloud Storage, and Datastore. Users can quickly understand the number of projects they have, what resources are deployed, where sensitive data is located, and how firewalls rules are configured. With ongoing discovery scans, enterprises can view asset history to understand exactly what changed in their environment and act on unauthorized modifications.

Powerful insights to help enhance your security posture

Cloud Security Command Center provides powerful security insights about your cloud resources. With this tool, security teams can answer questions like “Which cloud storage buckets contain PII?”, “Do I have any buckets that are open to the Internet?” and “Which cloud applications are vulnerable to XSS vulnerabilities?” By applying ongoing security analytics and threat intelligence, enterprises can assess their overall security health in a central dashboard and take immediate action on security risks.

Flexible platform to meet your security needs

Cloud Security Command Center integrates with Google Cloud Platform security tools like Cloud Security Scanner, the Cloud Data Loss Prevention (DLP) API and third-party security solutions from Cloudflare, CrowdStrike, Dome9, Palo Alto Networks, Qualys, and RedLock. Cloud security insights from partner products are aggregated in Cloud Security Command Center and can be fed into existing systems and workflows.

Cloudflare logo
CrowdStrike logo
Dome9 logo
Palo Alto Networks logo
Qualys logo
RedLock logo

Cloud Security Command Center Features

Asset Discovery and Inventory
Discover your assets across App Engine, Compute Engine, Cloud Storage, and Cloud Datastore and view them in one place. Review historical discovery scans to identify new, modified, or deleted assets.
Sensitive Data Identification
Find out which storage buckets contain sensitive and regulated data using the Cloud DLP API. Help prevent unintended exposure and ensure access is based on need-to-know. The DLP API integrates automatically with Cloud Security Command Center.
Application Vulnerability Detection
Uncover common vulnerabilities such as cross-site-scripting (XSS) and Flash injection that put your Google App Engine applications at risk with Cloud Security Scanner. Cloud Security Scanner integrates automatically with Cloud Security Command Center.
REST API
Leverage the Cloud Security Command Center REST API for easy integration with your existing security systems and workflows.
Access Control Monitoring
Help ensure the appropriate access control policies are in place across your cloud resources and get alerted when policies are misconfigured or unexpectedly change. Forseti, the open source security toolkit for Google Cloud Platform, integrates with Cloud Security Command Center.
Anomaly Detection From Google
Identify threats like botnets, cryptocurrency mining, anomalous reboots, and suspicious network traffic with built-in anomaly detection technology developed by Google.
Third-party Security Tool Inputs
Integrate output from your existing security tools such as Cloudflare, CrowdStrike, Dome9, Palo Alto Networks, Qualys, and RedLock into Cloud Security Command Center to detect DDoS attacks, compromised endpoints, compliance policy violations, network attacks, and instance vulnerabilities and threats.
Real-time Notifications
Receive Cloud Security Command Center alerts via Gmail, SMS, and Jira with Pub/Sub notification integration.

Cloud Security Command Center Pricing

There is no separate charge for using Cloud Security Command Center. However, the use of some Cloud Security Command Center detectors, such as Cloud Security Scanner, impacts App Engine instance quota limits, bandwidth (traffic) charges, and quotas for API calls to App Engine services. Learn more in the Security Scanner pricing guide. In addition, the Cloud DLP API detector is priced by usage. Learn more on the DLP API pricing page.

Alpha: This is an Alpha release of Cloud Security Command Center. This feature is not covered by any SLA or deprecation policy and may be subject to backward-incompatible changes.

发送以下问题的反馈:

此网页
Cloud Security Command Center