Security Command Center overview

Security Command Center is a cloud-based risk management solution that helps security professionals to prevent, detect, and respond to security issues. It helps to keep your cloud environment secure by providing tools to monitor and manage the following areas:

  • Vulnerability detection: Discover and remediate problems such as misconfigurations, publicly exposed resources, leaked credentials, and resources with known risks. Monitor compliance against common security benchmarks like NIST, HIPAA, PCI-DSS, and CIS.
  • Threat detection and mitigation: Detect and respond to active threats such as malware, cryptocurrency miners, container runtime attacks, and distributed denial-of-service (DDoS) attacks.
  • Postures and policies: Define and deploy a security posture to monitor the status of your Google Cloud resources, and address posture drift when it happens. Check for and correct over-permissioned accounts.
  • Data management: Restrict the storage and processing of Security Command Center data to a specific region for data residency purposes. Export findings to BigQuery and Pub/Sub for further analysis.

For a complete list of services, see Service tier comparison.

Services that operate in each of these areas can generate findings. Findings are records of threats or other issues that a service has found in your cloud environments. Findings are issued by the following sources:

  • Built-in: Security services that are part of Security Command Center.
  • Integrated: Google Cloud security services that integrate with organization-level activations of Security Command Center, for example, Google Cloud Armor and Sensitive Data Protection.
  • Third party: Security services that have registered as Cloud Marketplace partners and that work with organization-level activations of Security Command Center.

You must configure these services before you can use them.

Service tiers

Security Command Center is offered in three service tiers: Standard, Premium, and Enterprise. Each tier determines the features and services that are available to you in Security Command Center.

For more information on what each tier includes, see Service tiers.

Activation levels

You can activate Security Command Center on an individual project, which is known as project-level activation, or an entire organization, which is known as organization-level activation.

The Enterprise tier requires an organization-level activation.
