Security Command Center is a cloud-based risk management solution that helps security professionals to prevent, detect, and respond to security issues. It helps to keep your cloud environment secure by providing tools to monitor and manage the following areas:
- Vulnerability detection: Discover and remediate problems such as misconfigurations, publicly exposed resources, leaked credentials, and resources with known risks. Monitor compliance against common security benchmarks like NIST, HIPAA, PCI-DSS, and CIS.
- Threat detection and mitigation: Detect and respond to active threats such as malware, cryptocurrency miners, container runtime attacks, and distributed denial-of-service (DDoS) attacks.
- Postures and policies: Define and deploy a security posture to monitor the status of your Google Cloud resources, and address posture drift when it happens. Check for and correct over-permissioned accounts.
- Data export: Export findings to BigQuery and Pub/Sub for further analysis.
For a complete list of services, see Service tier comparison.
Services that operate in each of these areas can generate findings. Findings are records of threats or other issues that a service has found in your cloud environments. Findings are generated by the following sources:
- Built-in: Security services that are part of Security Command Center.
- Integrated: Google Cloud security services that integrate with organization-level activations of Security Command Center. For example, Google Cloud Armor and Sensitive Data Protection.
- Third party: Security services that have registered as Cloud Marketplace partners, such as Snyk and CrowdStrike Falcon, that work with organization-level activations of Security Command Center. See all third party security services.
For a list of available built-in, integrated, and third party security services, and instructions for how to configure them, see Configure Security Command Center services.
Service tiers
Security Command Center is offered in three service tiers: Standard, Premium, and Enterprise. Each tier determines the features and services that are available to you in Security Command Center.
For more information on what each tier includes, see Service tiers.
Activation levels
You can activate Security Command Center on an individual project, which is known as project-level activation, or an entire organization, which is known as organization-level activation.
The Enterprise tier requires an organization-level activation.
What's next
- Learn about service tiers.
- Activate Security Command Center.
- Learn about Security Command Center detection services.
- Learn how to use Security Command Center in the Google Cloud console.
- Configure your security services.