This page discusses the deprecation of Security Command Center Legacy and Event Threat Detection Legacy, and how you can migrate your account to Security Command Center Standard or Premium.
Overview
Security Command Center Legacy, previously known as Cloud Security Command Center, and Event Threat Detection Legacy were permanently disabled for all customers on June 7, 2021. To continue benefiting from Security Command Center, you must migrate your organizations to Security Command Center's Standard tier or Premium tier. Event Threat Detection, a built-in service of Security Command Center, is available only in the Premium tier.
If you onboarded to Security Command Center before May 2020, or Event Threat Detection before June 2020, and never upgraded to Security Command Center's Standard tier or Premium tier, you are using a legacy product. Legacy products have a limited, static feature set while Security Command Center's tiered services are continually improved with new detectors and features that protect you against an evolving threat landscape:
Security Command Center Standard includes Security Health Analytics, Anomaly Detection, and unmanaged scans in Web Security Scanner, which together detect common vulnerabilities and anomalies in your website or application projects. In the Standard tier, Security Health Analytics only includes a basic group of high-severity detectors.
Security Command Center Premium includes Standard tier services and adds compliance reporting, managed Web Security Scanner scans, and all Security Health Analytics detectors. The Premium tier also includes Container Threat Detection and Event Threat Detection, which provide near-real time threat detection for your organization and containers.
For a detailed comparison of legacy products to Security Command Center Standard and Premium, see Feature comparison later on this page.
How to upgrade
To activate Security Command Center Standard, see Setting up Security Command Center. To subscribe to Security Command Center Premium, contact your sales representative or fill out our Premium inquiry form. You should receive a response within two US business days. Flexible pricing plans are available for a limited time for legacy users upgrading to the Premium tier.
During onboarding, you create a new Security Command Center service account, configure the product and, if necessary, re-enable individual services.
When you subscribe to Security Command Center Premium, Event Threat Detection is turned on by default.
The following sections describe upcoming changes for legacy customers.
Security Command Center Legacy deprecated
Security Command Center Legacy was turned down on June 7, 2021. If you didn't upgrade to Security Command Center Standard or Premium before that date, you see the following changes:
- Security scans stop running for your organization until you onboard to Security Command Center Standard or Premium.
- Finding notifications are turned off.
- Security Command Center stops accepting findings from integrated services, like Cloud Data Loss Prevention, and third-party products. You might still be billed by external providers based on their usage fees.
- You can no longer access Security Command Center Legacy in the Google Cloud console. You are redirected to the Security Command Center onboarding page to migrate your account.
- You can no longer access the Security Command Center API,
securitycenter.googleapis.com:
- You can't view or edit existing findings, or submit new ones. Findings generated before the deprecation date are preserved in Security Command Center, following our standard findings retention policy.
- You can't access or edit any legacy settings.
- You receive client errors when attempting to access the API.
- Cloud Support can't access settings or features in legacy products. For questions or assistance in upgrading, complete our inquiry form.
- Documentation referencing Security Command Center Legacy, except this page, is removed.
Event Threat Detection Legacy deprecated
Event Threat Detection Legacy was turned down on June 7, 2021. If you didn't upgrade to Security Command Center Premium before that date, you see the following changes:
- Threat detection stops running for your organization until you onboard to Security Command Center Premium.
- Event Threat Detection's consumption billing service is discontinued and billing is stopped.
- You can no longer access the Event Threat Detection Legacy interface in the Google Cloud console and are redirected to the onboarding page to migrate your account.
- The Threat Detection API, threatdetection.googleapis.com, is disabled.
- Findings generated by Event Threat Detection before the deprecation date are preserved in Security Command Center, following our standard findings retention policy.
- Cloud Support can't access settings or features in legacy products. For questions or assistance in upgrading, complete our inquiry form.
- Documentation referencing Event Threat Detection Legacy, except this page, is removed.
Feature comparison
The built-in services in Security Command Center Standard and Premium are continually improved and have a broader feature set than legacy products. The Standard tier is free and includes new detectors and an improved interface. Event Threat Detection is available only in the Premium tier and includes new detectors that let you monitor your BigQuery resources and detect threats from anomalous IP addresses and user agents.
The following table compares legacy product features to Security Command Center Standard and Premium.
For more information about the cost of Security Command Center Premium, see Pricing.
Findings retention
If you upgraded to Security Command Center Standard or Premium before June 7, 2021, you continue to have full access to your existing settings and findings, which reappear in the Security Command Center dashboard.
After upgrading, generally, if the same vulnerabilities are found during new scans, existing findings are updated. If your application, website, or other Google Cloud resources changed substantially since the last scan, new findings might be created. Logs and kernel events that generated threat findings are not reprocessed, so existing threat findings are never updated.
If you don't want to upgrade, you must export your findings in order to have access to them after June 7, 2021.f