Unlike an on-premises data center, where perimeter security protects the entire installation and its resources, the cloud environment spans diverse technologies and locations and requires a different approach. Usually, the decentralized and dynamic nature of the cloud environment leads to an increased attack surface.

In particular, misconfigurations on the cloud platforms and components expose the assets while increasing the hidden security risks. Sometimes, developers may open a data store when developing a piece of software but then leave it open when releasing the application to the market.

As such, in addition to following security best practices, there is a need to ensure proper configurations as well as the ability to provide continuous monitoring, visibility, and compliance.

Luckily, there are several tools to help you improve security by detecting and preventing misconfigurations, providing visibility into the security posture of GCP, and identifying and addressing other vulnerabilities.

Update: for the AWS security scanner, check out this post.

Google Cloud SCC

The Google Cloud SCC is an integrated risk analysis and dashboard system that enables GCP customers to understand their security posture and take remedial actions to protect their cloud resources and assets from a single pane of glass.

Cloud SCC (Security Command Center) provides visibility into what assets are running in the Google Cloud environment as well as risky misconfigurations, enabling teams to reduce their exposure to threats. The comprehensive security and data risk management tool also helps GCP clients enforce security best practices.

Google Cloud Security Command Center tools

The basic command center comprises several security tools from Google. However, it is a flexible platform that integrates with a wide range of third-party tools to enhance security and increase coverage in terms of components, risks, and practices.

Features

  • View and address misconfigurations in firewalls, IAM rules, etc.
  • Detect, respond to, and prevent threats and compliance issues
  • Identify most of the vulnerabilities and risks such as mixed content, flash injection, and more while allowing you to easily explore the results.
  • Identify publicly exposed assets such as VMs, SQL instances, buckets, datasets, etc.
  • Discover and inventory assets, identifying vulnerabilities, sensitive data, and anomalies
  • Integrates with third-party tools to enhance the identification and addressing of compromised endpoints, network attacks, DDoS, policy and compliance violations, instance security vulnerabilities, and threats.
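
Two of the exposure classes listed above, publicly accessible resources and overly open firewall rules, can be checked directly against exported configuration. The following is an added example, not part of Security Command Center or the original article; it assumes JSON in the shape of a Cloud Storage IAM policy and Compute Engine firewall rules, and the function names, port watch list and sample data are constructed for illustration.

```python
import ipaddress

PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}  # IAM principals meaning "anyone"
SENSITIVE_PORTS = {22: "SSH", 3389: "RDP", 3306: "MySQL", 5432: "PostgreSQL"}  # constructed watch list

def public_bindings(policy):
    """Return (role, member) pairs that grant access to anyone on the internet."""
    return [
        (b["role"], m)
        for b in policy.get("bindings", [])
        for m in b.get("members", [])
        if m in PUBLIC_MEMBERS
    ]

def _port_in(spec, port):
    """True if a firewall port spec such as '22' or '1000-2000' covers port."""
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def open_ingress(rule):
    """Return watched ports that an enabled ingress rule exposes to any source address."""
    if rule.get("disabled") or rule.get("direction", "INGRESS") != "INGRESS":
        return []
    ranges = rule.get("sourceRanges", [])
    # A /0 prefix (0.0.0.0/0 or ::/0) means "any address".
    if not any(ipaddress.ip_network(r, strict=False).prefixlen == 0 for r in ranges):
        return []
    exposed = set()
    for allow in rule.get("allowed", []):
        if allow.get("IPProtocol") not in ("tcp", "all"):
            continue
        ports = allow.get("ports")  # absent means every port of the protocol
        exposed.update(p for p in SENSITIVE_PORTS
                       if ports is None or any(_port_in(s, p) for s in ports))
    return sorted(exposed)

# Constructed sample data, not taken from a real project.
SAMPLE_POLICY = {"bindings": [
    {"role": "roles/storage.objectViewer", "members": ["allUsers"]},
    {"role": "roles/storage.admin", "members": ["user:dev@example.com"]},
]}
SAMPLE_RULES = [
    {"name": "allow-ssh-any", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["22", "8000-9000"]}]},
    {"name": "allow-db-internal", "direction": "INGRESS", "sourceRanges": ["10.0.0.0/8"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["5432"]}]},
]

if __name__ == "__main__":
    print("public bindings:", public_bindings(SAMPLE_POLICY))
    for r in SAMPLE_RULES:
        print(r["name"], "->", open_ingress(r))
```

The check only looks at `tcp` and `all` protocol entries and at source ranges; rules scoped by source tags or service accounts are treated as not open to any address.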
