Security Command Center API

Security Command Center API provides access to temporal views of assets and findings within an organization.

Service: securitycenter.googleapis.com

We recommend that you call this service using Google-provided client libraries. If your application needs to call this service using your own libraries, you should use the following information when making the API requests.

Discovery document

A Discovery Document is a machine-readable specification for describing and consuming REST APIs. It is used to build client libraries, IDE plugins, and other tools that interact with Google APIs. One service may provide multiple discovery documents. This service provides the following discovery documents:

Service endpoint

A service endpoint is a base URL that specifies the network address of an API service. One service may have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:

  • https://securitycenter.googleapis.com

REST Resource: v1beta2.folders

Methods
getContainerThreatDetectionSettings GET /v1beta2/{name=folders/*/containerThreatDetectionSettings}
Get the ContainerThreatDetectionSettings resource.
getEventThreatDetectionSettings GET /v1beta2/{name=folders/*/eventThreatDetectionSettings}
Get the EventThreatDetectionSettings resource.
getSecurityHealthAnalyticsSettings GET /v1beta2/{name=folders/*/securityHealthAnalyticsSettings}
Get the SecurityHealthAnalyticsSettings resource.
getWebSecurityScannerSettings GET /v1beta2/{name=folders/*/webSecurityScannerSettings}
Get the WebSecurityScannerSettings resource.
updateContainerThreatDetectionSettings PATCH /v1beta2/{containerThreatDetectionSettings.name=folders/*/containerThreatDetectionSettings}
Update the ContainerThreatDetectionSettings resource.
updateEventThreatDetectionSettings PATCH /v1beta2/{eventThreatDetectionSettings.name=folders/*/eventThreatDetectionSettings}
Update the EventThreatDetectionSettings resource.
updateSecurityHealthAnalyticsSettings PATCH /v1beta2/{securityHealthAnalyticsSettings.name=folders/*/securityHealthAnalyticsSettings}
Update the SecurityHealthAnalyticsSettings resource.
updateWebSecurityScannerSettings PATCH /v1beta2/{webSecurityScannerSettings.name=folders/*/webSecurityScannerSettings}
Update the WebSecurityScannerSettings resource.

REST Resource: v1beta2.folders.containerThreatDetectionSettings

Methods
calculate GET /v1beta2/{name=folders/*/containerThreatDetectionSettings}:calculate
Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.folders.eventThreatDetectionSettings

Methods
calculate GET /v1beta2/{name=folders/*/eventThreatDetectionSettings}:calculate
Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.folders.securityHealthAnalyticsSettings

Methods
calculate GET /v1beta2/{name=folders/*/securityHealthAnalyticsSettings}:calculate
Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.folders.webSecurityScannerSettings

Methods
calculate GET /v1beta2/{name=folders/*/webSecurityScannerSettings}:calculate
Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.organizations

Methods
getContainerThreatDetectionSettings GET /v1beta2/{name=organizations/*/containerThreatDetectionSettings}
Get the ContainerThreatDetectionSettings resource.
getEventThreatDetectionSettings GET /v1beta2/{name=organizations/*/eventThreatDetectionSettings}
Get the EventThreatDetectionSettings resource.
getSecurityCenterSettings GET /v1beta2/{name=organizations/*/securityCenterSettings}
Get the SecurityCenterSettings resource.
getSecurityHealthAnalyticsSettings GET /v1beta2/{name=organizations/*/securityHealthAnalyticsSettings}
Get the SecurityHealthAnalyticsSettings resource.
getSubscription GET /v1beta2/{name=organizations/*/subscription}
Get the Subscription resource.
getWebSecurityScannerSettings GET /v1beta2/{name=organizations/*/webSecurityScannerSettings}
Get the WebSecurityScannerSettings resource.
updateContainerThreatDetectionSettings PATCH /v1beta2/{containerThreatDetectionSettings.name=organizations/*/containerThreatDetectionSettings}
Update the ContainerThreatDetectionSettings resource.
updateEventThreatDetectionSettings PATCH /v1beta2/{eventThreatDetectionSettings.name=organizations/*/eventThreatDetectionSettings}
Update the EventThreatDetectionSettings resource.
updateSecurityHealthAnalyticsSettings PATCH /v1beta2/{securityHealthAnalyticsSettings.name=organizations/*/securityHealthAnalyticsSettings}
Update the SecurityHealthAnalyticsSettings resource.
updateWebSecurityScannerSettings PATCH /v1beta2/{webSecurityScannerSettings.name=organizations/*/webSecurityScannerSettings}
Update the WebSecurityScannerSettings resource.

REST Resource: v1beta2.organizations.containerThreatDetectionSettings

Methods
calculate GET /v1beta2/{name=organizations/*/containerThreatDetectionSettings}:calculate
Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.organizations.eventThreatDetectionSettings

Methods
calculate GET /v1beta2/{name=organizations/*/eventThreatDetectionSettings}:calculate
Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.organizations.securityHealthAnalyticsSettings

Methods
calculate GET /v1beta2/{name=organizations/*/securityHealthAnalyticsSettings}:calculate
Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.organizations.webSecurityScannerSettings

Methods
calculate GET /v1beta2/{name=organizations/*/webSecurityScannerSettings}:calculate
Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.projects

Methods
getContainerThreatDetectionSettings GET /v1beta2/{name=projects/*/containerThreatDetectionSettings}
Get the ContainerThreatDetectionSettings resource.
getEventThreatDetectionSettings GET /v1beta2/{name=projects/*/eventThreatDetectionSettings}
Get the EventThreatDetectionSettings resource.
getSecurityHealthAnalyticsSettings GET /v1beta2/{name=projects/*/securityHealthAnalyticsSettings}
Get the SecurityHealthAnalyticsSettings resource.
getWebSecurityScannerSettings GET /v1beta2/{name=projects/*/webSecurityScannerSettings}
Get the WebSecurityScannerSettings resource.
updateContainerThreatDetectionSettings PATCH /v1beta2/{containerThreatDetectionSettings.name=projects/*/containerThreatDetectionSettings}
Update the ContainerThreatDetectionSettings resource.
updateEventThreatDetectionSettings PATCH /v1beta2/{eventThreatDetectionSettings.name=projects/*/eventThreatDetectionSettings}
Update the EventThreatDetectionSettings resource.
updateSecurityHealthAnalyticsSettings PATCH /v1beta2/{securityHealthAnalyticsSettings.name=projects/*/securityHealthAnalyticsSettings}
Update the SecurityHealthAnalyticsSettings resource.
updateWebSecurityScannerSettings PATCH /v1beta2/{webSecurityScannerSettings.name=projects/*/webSecurityScannerSettings}
Update the WebSecurityScannerSettings resource.

REST Resource: v1beta2.projects.containerThreatDetectionSettings

Methods
calculate GET /v1beta2/{name=projects/*/containerThreatDetectionSettings}:calculate
Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.projects.eventThreatDetectionSettings

Methods
calculate GET /v1beta2/{name=projects/*/eventThreatDetectionSettings}:calculate
Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.projects.locations.clusters

Methods
getContainerThreatDetectionSettings GET /v1beta2/{name=projects/*/locations/*/clusters/*/containerThreatDetectionSettings}
Get the ContainerThreatDetectionSettings resource.
updateContainerThreatDetectionSettings PATCH /v1beta2/{containerThreatDetectionSettings.name=projects/*/locations/*/clusters/*/containerThreatDetectionSettings}
Update the ContainerThreatDetectionSettings resource.

REST Resource: v1beta2.projects.locations.clusters.containerThreatDetectionSettings

Methods
calculate GET /v1beta2/{name=projects/*/locations/*/clusters/*/containerThreatDetectionSettings}:calculate
Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.projects.securityHealthAnalyticsSettings

Methods
calculate GET /v1beta2/{name=projects/*/securityHealthAnalyticsSettings}:calculate
Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.

REST Resource: v1beta2.projects.webSecurityScannerSettings

Methods
calculate GET /v1beta2/{name=projects/*/webSecurityScannerSettings}:calculate
Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.

Service: securitycenter.googleapis.com

We recommend that you call this service using Google-provided client libraries. If your application needs to call this service using your own libraries, you should use the following information when making the API requests.

Discovery document

A Discovery Document is a machine-readable specification for describing and consuming REST APIs. It is used to build client libraries, IDE plugins, and other tools that interact with Google APIs. One service may provide multiple discovery documents. This service provides the following discovery documents:

Service endpoint

A service endpoint is a base URL that specifies the network address of an API service. One service may have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:

  • https://securitycenter.googleapis.com

REST Resource: v1beta1.organizations

Methods
getOrganizationSettings GET /v1beta1/{name=organizations/*/organizationSettings}
Gets the settings for an organization.
updateOrganizationSettings PATCH /v1beta1/{organizationSettings.name=organizations/*/organizationSettings}
Updates an organization's settings.

REST Resource: v1beta1.organizations.assets

Methods
group POST /v1beta1/{parent=organizations/*}/assets:group
Filters an organization's assets and groups them by their specified properties.
list GET /v1beta1/{parent=organizations/*}/assets
Lists an organization's assets.
runDiscovery POST /v1beta1/{parent=organizations/*}/assets:runDiscovery
Runs asset discovery.
updateSecurityMarks PATCH /v1beta1/{securityMarks.name=organizations/*/assets/*/securityMarks}
Updates security marks.

REST Resource: v1beta1.organizations.operations

Methods
cancel POST /v1beta1/{name=organizations/*/operations/*}:cancel
Starts asynchronous cancellation on a long-running operation.
delete DELETE /v1beta1/{name=organizations/*/operations/*}
Deletes a long-running operation.
get GET /v1beta1/{name=organizations/*/operations/*}
Gets the latest state of a long-running operation.
list GET /v1beta1/{name=organizations/*/operations}
Lists operations that match the specified filter in the request.

REST Resource: v1beta1.organizations.sources

Methods
create POST /v1beta1/{parent=organizations/*}/sources
Creates a source.
get GET /v1beta1/{name=organizations/*/sources/*}
Gets a source.
getIamPolicy POST /v1beta1/{resource=organizations/*/sources/*}:getIamPolicy
Gets the access control policy on the specified Source.
list GET /v1beta1/{parent=organizations/*}/sources
Lists all sources belonging to an organization.
patch PATCH /v1beta1/{source.name=organizations/*/sources/*}
Updates a source.
setIamPolicy POST /v1beta1/{resource=organizations/*/sources/*}:setIamPolicy
Sets the access control policy on the specified Source.
testIamPermissions POST /v1beta1/{resource=organizations/*/sources/*}:testIamPermissions
Returns the permissions that a caller has on the specified source.

REST Resource: v1beta1.organizations.sources.findings

Methods
create POST /v1beta1/{parent=organizations/*/sources/*}/findings
Creates a finding.
group POST /v1beta1/{parent=organizations/*/sources/*}/findings:group
Filters an organization or source's findings and groups them by their specified properties.
list GET /v1beta1/{parent=organizations/*/sources/*}/findings
Lists an organization or source's findings.
patch PATCH /v1beta1/{finding.name=organizations/*/sources/*/findings/*}
Creates or updates a finding.
setState POST /v1beta1/{name=organizations/*/sources/*/findings/*}:setState
Updates the state of a finding.
updateSecurityMarks PATCH /v1beta1/{securityMarks.name=organizations/*/sources/*/findings/*/securityMarks}
Updates security marks.

Service: securitycenter.googleapis.com

We recommend that you call this service using Google-provided client libraries. If your application needs to call this service using your own libraries, you should use the following information when making the API requests.

Discovery document

A Discovery Document is a machine-readable specification for describing and consuming REST APIs. It is used to build client libraries, IDE plugins, and other tools that interact with Google APIs. One service may provide multiple discovery documents. This service provides the following discovery documents:

Service endpoint

A service endpoint is a base URL that specifies the network address of an API service. One service may have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:

  • https://securitycenter.googleapis.com

REST Resource: v1.organizations

Methods
getOrganizationSettings GET /v1/{name=organizations/*/organizationSettings}
Gets the settings for an organization.
updateOrganizationSettings PATCH /v1/{organizationSettings.name=organizations/*/organizationSettings}
Updates an organization's settings.

REST Resource: v1.organizations.assets

Methods
group POST /v1/{parent=organizations/*}/assets:group
Filters an organization's assets and groups them by their specified properties.
list GET /v1/{parent=organizations/*}/assets
Lists an organization's assets.
runDiscovery POST /v1/{parent=organizations/*}/assets:runDiscovery
Runs asset discovery.
updateSecurityMarks PATCH /v1/{securityMarks.name=organizations/*/assets/*/securityMarks}
Updates security marks.

REST Resource: v1.organizations.notificationConfigs

Methods
create POST /v1/{parent=organizations/*}/notificationConfigs
Creates a notification config.
delete DELETE /v1/{name=organizations/*/notificationConfigs/*}
Deletes a notification config.
get GET /v1/{name=organizations/*/notificationConfigs/*}
Gets a notification config.
list GET /v1/{parent=organizations/*}/notificationConfigs
Lists notification configs.
patch PATCH /v1/{notificationConfig.name=organizations/*/notificationConfigs/*}
Updates a notification config.

REST Resource: v1.organizations.operations

Methods
cancel POST /v1/{name=organizations/*/operations/*}:cancel
Starts asynchronous cancellation on a long-running operation.
delete DELETE /v1/{name=organizations/*/operations/*}
Deletes a long-running operation.
get GET /v1/{name=organizations/*/operations/*}
Gets the latest state of a long-running operation.
list GET /v1/{name=organizations/*/operations}
Lists operations that match the specified filter in the request.

REST Resource: v1.organizations.sources

Methods
create POST /v1/{parent=organizations/*}/sources
Creates a source.
get GET /v1/{name=organizations/*/sources/*}
Gets a source.
getIamPolicy POST /v1/{resource=organizations/*/sources/*}:getIamPolicy
Gets the access control policy on the specified Source.
list GET /v1/{parent=organizations/*}/sources
Lists all sources belonging to an organization.
patch PATCH /v1/{source.name=organizations/*/sources/*}
Updates a source.
setIamPolicy POST /v1/{resource=organizations/*/sources/*}:setIamPolicy
Sets the access control policy on the specified Source.
testIamPermissions POST /v1/{resource=organizations/*/sources/*}:testIamPermissions
Returns the permissions that a caller has on the specified source.

REST Resource: v1.organizations.sources.findings

Methods
create POST /v1/{parent=organizations/*/sources/*}/findings
Creates a finding.
group POST /v1/{parent=organizations/*/sources/*}/findings:group
Filters an organization or source's findings and groups them by their specified properties.
list GET /v1/{parent=organizations/*/sources/*}/findings
Lists an organization or source's findings.
patch PATCH /v1/{finding.name=organizations/*/sources/*/findings/*}
Creates or updates a finding.
setState POST /v1/{name=organizations/*/sources/*/findings/*}:setState
Updates the state of a finding.
updateSecurityMarks PATCH /v1/{securityMarks.name=organizations/*/sources/*/findings/*/securityMarks}
Updates security marks.