Migrate from legacy Security Command Center products

This page discusses the deprecation of Security Command Center Legacy and Event Threat Detection Legacy, and how you can migrate your account to Security Command Center Standard or Premium.

Overview

Security Command Center Legacy, previously known as Cloud Security Command Center, and Event Threat Detection Legacy are being permanently disabled for all customers on June 7, 2021. To continue benefiting from Security Command Center without an interruption in service, you must migrate your organizations to Security Command Center's Standard tier or Premium tier. Event Threat Detection, a built-in service of Security Command Center, is available only in the Premium tier.

If you onboarded to Security Command Center before May 2020, or Event Threat Detection before June 2020, and never upgraded to Security Command Center's Standard tier or Premium tier, you are using a legacy product. Legacy products have a limited, static feature set while Security Command Center's tiered services are continually improved with new detectors and features that protect you against an evolving threat landscape:

For a detailed comparison of legacy products to Security Command Center Standard and Premium, see Feature comparison later on this page.

How to upgrade

To activate Security Command Center Standard, see Setting up Security Command Center. To subscribe to Security Command Center Premium, contact your sales representative or fill out our inquiry form. You should receive a response within two US business days.

During onboarding, you create a new Security Command Center service account, configure the product and, if necessary, re-enable individual services.

When you subscribe to Security Command Center Premium, Event Threat Detection is turned on by default.

The following sections describe upcoming changes for legacy customers.

Security Command Center Legacy deprecated

Security Command Center Legacy is being turned down on June 7, 2021. Immediately after the service is disabled, if you don't upgrade to Security Command Center Standard or Premium, you see the following changes:

  • Security scans stop running for your organization until you onboard to Security Command Center Standard or Premium.
  • Finding notifications are turned off.
  • Security Command Center stops accepting findings from integrated services, like Cloud Data Loss Prevention, and third-party products. You might still be billed by external providers based on their usage fees.
  • You can no longer access Security Command Center Legacy in the Google Cloud Console. You are redirected to the Security Command Center onboarding page to migrate your account.
  • You can no longer access the Security Command Center API, securitycenter.googleapis.com:
    • You can't view or edit existing findings, or submit new ones. Findings generated before the deprecation date are preserved in Security Command Center, following our standard findings retention policy.
    • You can't access or edit any legacy settings.
    • You receive client errors when attempting to access the API.
  • Cloud Support can't access settings or features in legacy products. For questions or assistance in upgrading, complete our inquiry form.
  • Documentation referencing Security Command Center Legacy, except this page, is removed.

Event Threat Detection Legacy deprecated

Event Threat Detection Legacy is being turned down on June 7, 2021. Immediately after the service is disabled, if you don't upgrade to Security Command Center Premium, you see the following changes:

  • Threat detection stops running for your organization until you onboard to Security Command Center Premium.
  • Event Threat Detection's consumption billing service is discontinued and billing is stopped.
  • You can no longer access the Event Threat Detection Legacy interface in the Cloud Console and are redirected to the onboarding page to migrate your account.
  • The Threat Detection API, threatdetection.googleapis.com, is disabled.
  • Findings generated by Event Threat Detection before the deprecation date are preserved in Security Command Center, following our standard findings retention policy.
  • Cloud Support can't access settings or features in legacy products. For questions or assistance in upgrading, complete our inquiry form.
  • Documentation referencing Event Threat Detection Legacy, except this page, is removed.

Feature comparison

The built-in services in Security Command Center Standard and Premium are continually improved and have a broader feature set than legacy products. The Standard tier is free and includes new detectors and an improved interface. Event Threat Detection is available only in the Premium tier and includes new detectors that let you monitor your BigQuery resources and detect threats from anomalous IP addresses and user agents.

The following table compares legacy product features to Security Command Center Standard and Premium.

Table 1. Feature comparison for Security Command Center by service tier
Category Feature Legacy Standard Premium
Pricing Pricing Consumption-based Free Fixed price
Visibility Dashboard for vulnerabilities Yes Yes Yes
Dashboard for threats Yes; add-on, additional cost No Yes
Dashboard for compliance No No Yes
Near-real time asset inventory and discovery Yes Yes Yes
Built-in notifications Yes Yes Yes
Project- and folder-level access permissions No No Yes
Continuous Exports No No Yes
Threat prevention Highlight high-risk security misconfigurations, such as open storage buckets Yes; limited set Yes; Standard findings Yes; Premium findings
Highlight comprehensive set of security misconfigurations, such as API keys that need rotation and Compute Engine instance misconfigurations No No Yes; Premium findings
Web application vulnerability scans Yes; unmanaged, manual scans Yes; unmanaged, manual scans Yes; managed, automated scans
Automatic detection and scanning of web applications No No Yes
Compliance Surface compliance violations for regulations such as CIS, PCI-DSS, NIST 800-53, ISO-27001 No No Yes
Compliance reporting and exporting of reports No No Yes
Threat detection Log based threat detection (Event Threat Detection) Yes; add-on, additional cost No Yes
Real time threat detection for containers (Container Threat Detection) No No Yes
Highlight potential abuse or malicious use of instances Yes Yes Yes
First-party and third-party integrations Integrate threat intelligence from third-party security products No No Yes
Customize your response to findings Yes Yes Yes
Early Access Center Eligible to try early access features and products before general release (eligibility doesn't guarantee selection for previews) No No Yes

For more information about the cost of Security Command Center Premium, see Pricing.

Findings retention

If you upgrade to Security Command Center Standard or Premium before June 7, 2021, you continue to have full access to your existing settings and findings, which reappear in the Security Command Center dashboard.

After upgrading, generally, if the same vulnerabilities are found during new scans, existing findings are updated. If your application, website, or other Google Cloud resources changed substantially since the last scan, new findings might be created. Logs and kernel events that generated threat findings are not reprocessed, so existing threat findings are never updated.

We recommend that you upgrade to Security Command Center Standard or Premium before June 7, 2021 to protect all of your Google Cloud resources and retain access to your findings. If you don't want to upgrade, you must export your findings in order to have access to them after June 7, 2021.