Security Command Center
Security and risk management platform for Google Cloud.
Gain centralized visibility and control
Understand the number of projects you have, what resources are deployed, and manage which service accounts have been added or removed.
Fix misconfigurations and compliance violations
Identify security misconfigurations and compliance violations in your Google Cloud assets and resolve them by following actionable recommendations.
Detect threats targeting your Google Cloud assets
Uncover threats targeting your resources using logs and powered by Google’s unique threat intelligence; use kernel-level instrumentation to identify potential compromises of containers.
Security Command Center concepts
Quickly learn about key Security Command Center concepts.
Security Command Center evaluation guide
Use this guide to set up and and evaluate the core capabilities of Security Command Center Premium.
Quotas and limits
Quotas and limits for Security Command Center.
Security Command Center FAQs
Discover the answers to frequently ask questions for Security Command Center.
Getting started with Security Command Center
Watch our six-part video series to learn how to get started with Security Command Center.
Google Cloud Skills Boost: Security in Google Cloud
This on-demand course gives participants broad study of security controls and techniques on Google Cloud.
Securing Web Applications with Web Security Scanner
In this lab, you will learn how Web Security Scanner, a built-in service in the Security Command Center, helps identify web application vulnerabilities.
|Security posture management||Native ability to surface the misconfigurations and vulnerabilities in your Google Cloud resources. Helps ensure the appropriate policies are in place and get alerted when policies are misconfigured or unexpectedly change.|
|Built-in threat detection||Security Command Center Premium provides comprehensive threat detection for Google Cloud that includes Event Threat Detection, Container Threat Detection, and Virtual Machine Threat Detection as built-in services.|
|Compliance monitoring||Review and export compliance reports to help ensure all your resources are meeting their compliance requirements with PCI-DSS 3.2.1, OWASP Top Ten, NIST 800-53, ISO 27001, and CIS benchmarks for Google Cloud foundation (v1.0, v1.1, v1.2).|
|SIEM and SOAR integrations||Leverage the Security Command Center built-in integrations to easily integrate with your SIEM and SOAR platforms. You can automatically send Security Command Center data to SIEM/SOAR platforms for further analysis and manage responses to security findings.|
|Granular access control||Uses Identity and Access Management (IAM) roles to enable fine-grained access control at folder and project levels. It helps you to control who can do what with assets, findings, and security sources in your Security Command Center environment.|
|Real-time notifications and remediation||Receive notifications about new findings or updates to findings within minutes and take action. Quickly remediate security alerts by using Pub/Sub events and Cloud Functions. Receive Security Command Center alerts via Gmail, SMS, and Jira with Pub/Sub notification integration.|