Uncategorized

Google Cloud’s Security Command Centre enters beta phase


Connor Jones

6 Dec, 2018

Google Cloud has announced its Cloud Security Command Centre (SCC), previously revealed back in March, is now available in beta to Google Cloud Platform (GCP) customers.

The Cloud SCC, according to Google Cloud, is the first of its kind to be offered by a major cloud provider which offers organization-level visibility into assets, vulnerabilities, and threats. Essentially, the new service provides a user-friendly hub for all levels of a business to access and assess data security events from across its network.

Data can be accessed through a simple dashboard which allows for fast detection of security risks and possible vulnerabilities. This can include overly permissive firewalls and alerts relating to possible compromise leading to coin mining.

The Cloud SCC gives users a comprehensive overview of all cloud assets across GCP services, allowing the viewing of resources across the whole GCP organisation or for just specific projects. It also allows users to make changes such as setting up automatic notifications after a policy change is made to a network firewall, which then needs to be reverted at a late date.

Another interesting feature about the Cloud SCC is that it provides an overview of not just Google Cloud security services such as Foresti and Cloud Security Scanner, but for third-party services too if the business has those implemented alongside Google Cloud services.

The features also work to streamline the experience of detecting security risks in the business by having all assets feed information into one dashboard, without having to visit separate consoles or cloud environments. Third-party tools can also be directly accessed through Cloud SCC to help speed remediation efforts.

The SCC will also provide coverage across Cloud Datastore, Cloud DNS, Cloud Load Balancing, Cloud Spanner, Container Registry, Kubernetes Engine, and Virtual Private Cloud, the company confirmed.

The tool is similar in function to the Shield platform currently being developed by Box, announced in August. Box is betting on machine learning-based security as a major selling point of the platform, which will also give admins a detailed overview of a company’s security portfolio.

Set to be released in 2019, Box Shield will allow security analysts to check to see what content is being accessed, who is accessing it, and whether sensitive data is being downloaded.