This page shows you how to do basic operations in Google Cloud Security Scanner using the Google Cloud Platform Console on a test application.
Before you begin
Sign in to your Google Account.
If you don't already have one, sign up for a new account.
Select or create a GCP project.
- Deploy the test App Engine application in the language of your choice: Java | Python | Go | PHP.
- Make sure the account you are logged into has Editor or Owner
Go to the permissions page
This page allows you to view and set roles for project members.
Run the scan
The scan does not run immediately, but is queued for later execution; it can take hours before the scan executes, depending on current load.
In the Google Cloud Platform Console, visit the security-scanner page:
Go to the security-scanner page
This page allows you to create, save, and run a scan.
The first time you scan your application, you'll be prompted to create a new scan:
Click Create scan to display the new scan form:
For now, just use the default scan without setting any values in this form. For more information about these form settings, see Using Cloud Security Scanner.
Click Create to create the scan.
Click Run scan:
The scan will be queued, and then at some future time, executed. It may take several hours before the scan is actually run.
After the scan runs to completion, The scan will display a results page when it completes, such as the following if no vulnerabilities were detected:
You just completed a scan using Cloud Security Scanner!