General how-to guides
Using Security Command Center
-
Configuring Security Command Center
Access Security Command Center settings to enable or disable security sources, manage which sources apply to which resources, and set up logging.
-
Using the Security Command Center dashboard
Access Security Command Center, and use some basic features to configure the display and review your Google Cloud resources.
-
Using security marks
Add security marks to assets or findings so you can search, select, or filter using the mark.
-
Exporting Security Command Center data
Use the Cloud Console or Security Command Center API to export asset or finding data.
-
Setting up finding notifications
Use the Security Command Center API to set up notifications that send findings updates and new findings to a Pub/Sub topic.
-
Installing Security Command Center tools
Learn about how Security Command Center tools add new functionality, and complete pre-install steps to prepare your project to use the tools.
Detecting security threats
-
Testing Container Threat Detection
Test the end-to-end Container Threat Detection experience by triggering each of the detectors.
-
Using Container Threat Detection
Learn how to view Container Threat Detection findings in the Security Command Center dashboard.
-
Testing Event Threat Detection
Test the end-to-end Event Threat Detection experience by triggering the Cloud IAM anomalous grant detector.
-
Using Event Threat Detection
Learn about the types of findings that Event Threat Detection produces and how to review them in the Security Command Center dashboard.
-
Configuring Event Threat Detection
Configure Event Threat Detection if you haven't yet migrated to the Security Command Center Premium or Standard tier.
-
Anomaly Detection
Learn about how Anomaly Detection detects security anomalies for your projects and Virtual Machine (VM) instances.
Preventing security threats
-
Using Security Health Analytics
Learn how to use Security Health Analytics to manage vulnerability findings.
-
Remediating Security Health Analytics findings
Learn about suggested remediations for Security Health Analytics vulnerability findings.
-
Using Web Security Scanner
Review Web Security Scanner managed scan findings in the Security Command Center dashboard.
-
Setting up custom scans using Web Security Scanner
Create and manage custom scans, avoid undesirable results, and interpret scan results for App Engine, Compute Engine, and Google Kubernetes Engine apps.
-
Remediating Web Security Scanner findings
Learn about suggested remediation for Web Security Scanner findings.
-
Sending Cloud DLP results to Security Command Center
Learn how Cloud DLP can output scan results to Security Command Center.
-
Sending Forseti Security results to Security Command Center
Learn how Forseti can output Forseti scan results to Security Command Center.
Using the Security Command Center API
-
Accessing Security Command Center programmatically
Access Security Command Center using the Security Command Center Python library.
-
Configuring asset discovery
Use the Security Command Center API to turn asset discovery on or off for an organization.
-
Listing assets
Use the Security Command Center API to get metadata about an organization's assets.
-
Listing security findings
Use the Security Command Center API to get an organization's findings.
-
Creating and managing security findings
Use the Security Command Center API to create and update an organization's findings.
-
Adding and managing security marks
Use the Security Command Center API to add, update, and delete customizable annotations on assets or findings.
-
Creating and managing security sources
Use the Security Command Center API to create and manage security sources for an organization to generate findings.
-
Creating and managing Notification Configs
Use the Security Command Center API to create, get, update, delete, or list a
NotificationConfig, and receive Pub/Sub notifications. -
Filtering notifications
Use the Security Command Center API to create notifications filters and see examples of the Pub/Sub messages that's returned.