Issues are notable security risks Security Command Center Enterprise has identified in your cloud environments. They're available in the Risk section of the Google Cloud console, giving you the opportunity to respond quickly to vulnerabilities and threats.
Issues are discovered through virtual red teaming and rule-based detections. For example, a detection named "High Risk CVE on GCE with direct access to a high value resource" covers the following situation:
- A high-risk Common Vulnerabilities and Exposures (CVE) entry has been identified on a Compute Engine VM in your cloud environment.
- That vulnerable VM has access to a high value resource through its service account.
A detection can discover multiple instances of an issue. By default, in the Google Cloud console, issues with the same severity and detection are grouped together.
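To make the two-condition rule above concrete, here is an added example (not Google's code and not the Security Command Center API) that evaluates the detection over a constructed inventory and then groups the resulting issue instances by severity and detection, as the console does by default. The VM names, service accounts, CVE identifiers and the use of the CVE risk level as the issue severity are all constructed assumptions.

```python
# Added example, not Google's code: a minimal rule-based detection modelled on the
# "High Risk CVE on GCE with direct access to a high value resource" issue.
# Every name, identifier and risk level below is constructed for illustration.
from collections import defaultdict

# Constructed inventory: each VM with its attached service account and CVE findings.
VMS = {
    "vm-web-1":   {"service_account": "sa-web@example.iam",   "cves": [("CVE-0000-0001", "HIGH")]},
    "vm-batch-2": {"service_account": "sa-batch@example.iam", "cves": [("CVE-0000-0002", "LOW")]},
    "vm-api-3":   {"service_account": "sa-api@example.iam",   "cves": [("CVE-0000-0003", "CRITICAL")]},
    "vm-idle-4":  {"service_account": "sa-idle@example.iam",  "cves": [("CVE-0000-0004", "HIGH")]},
}
# Constructed IAM view: which resources each service account can reach.
IAM_BINDINGS = {
    "sa-web@example.iam":   ["bucket:customer-pii"],
    "sa-batch@example.iam": ["bucket:customer-pii"],
    "sa-api@example.iam":   ["sql:prod-db"],
    "sa-idle@example.iam":  ["bucket:scratch"],
}
HIGH_VALUE = {"bucket:customer-pii", "sql:prod-db"}   # resources tagged high value
HIGH_RISK = {"HIGH", "CRITICAL"}                      # CVE risk levels that qualify
DETECTION = "High Risk CVE on GCE with direct access to a high value resource"

def detect_high_risk_cve_paths(vms, bindings, high_value):
    """Return one issue instance per (VM, CVE, resource) where BOTH conditions hold:
    the VM carries a high-risk CVE, and its service account reaches a high value resource."""
    issues = []
    for vm, info in vms.items():
        reachable = [r for r in bindings.get(info["service_account"], []) if r in high_value]
        if not reachable:
            continue  # second condition fails: no path to a high value resource
        for cve, risk in info["cves"]:
            if risk not in HIGH_RISK:
                continue  # first condition fails: the CVE is not high risk
            for resource in reachable:
                # Assumption: the issue inherits the CVE risk level as its severity.
                issues.append({"detection": DETECTION, "severity": risk,
                               "vm": vm, "cve": cve, "resource": resource})
    return issues

def group_issues(issues):
    """Group issue instances by (severity, detection), mirroring the console's default view."""
    groups = defaultdict(list)
    for issue in issues:
        groups[(issue["severity"], issue["detection"])].append(issue)
    return dict(groups)

if __name__ == "__main__":
    for key, members in group_issues(detect_high_risk_cve_paths(VMS, IAM_BINDINGS, HIGH_VALUE)).items():
        print(key, [m["vm"] for m in members])
```

Only vm-web-1 and vm-api-3 satisfy both conditions: vm-batch-2 reaches a high value resource but carries only a low-risk CVE, and vm-idle-4 carries a high-risk CVE but its service account reaches nothing of value.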
Issue sources
Issues are classified as medium, high, or critical severity, and come from the following sources:
Issue lifecycle
Issues remain active until they are resolved. You can resolve issues by fixing the findings referenced in the issues or by deleting the affected resources.
Inactive issues have a retention period of 90 days, after which they are deleted.
What's next
- Manage and remediate issues
- Explore the security graph (Preview) to identify potential security concerns in your environment.