Google Cloud releases new centralised security database
The launch of the AWS Security Hub by dominant cloud provider Amazon Web Services (AWS) was among its headline announcements at last week’s re:Invent summit.
The hub aggregates and automatically prioritises security alerts and findings across endpoint protection, compliance scanners and more.
Days later, Google Cloud wants the market to know that it also launched a “Cloud Security Command Centre” (or “Cloud SCC” – shall we call it a hub?) – and (curse you, AWS) was “the first major cloud provider to offer organization-level visibility into assets, vulnerabilities, and threats” with its alpha launch of the tool in March 2018.
Google Cloud Security Command Centre: A Hub for Improved Visibility, Action
The hub allows users to view which Cloud Storage buckets are publicly accessible, identify VMs with public addresses, discover overly permissive firewall rules, and be alerted to instances that may have been compromised to perform coin mining.
“With this tool, security teams can answer questions like ‘Which cloud storage buckets contain PII?’, ‘Do I have any buckets that are open to the Internet?’ and ‘Which cloud applications are vulnerable to XSS vulnerabilities?'” Google Cloud said.
Users can also see whether anyone outside their designated domain, or GCP organization, has access to their resources. The hub also integrates with third-party cloud security solutions from vendors such as Cavirin, Chef, and Redlock.
This is a growing request from cloud users, who increasingly face the challenge of identifying precisely where their own perimeter and the cloud’s begin and end, with the notion of “shared responsibility” making nobody entirely happy. Meanwhile, having a single dashboard for all cloud security tools, and some on-prem ones too, is a winner.
“By integrating partner solutions with Cloud Security Command Center, you can get a comprehensive view of risks and threats all in one place without having to go to separate consoles,” said Andy Chang, a senior product manager at Google Cloud, in a blog shared Wednesday.
“It includes expanded coverage across GCP services including Cloud Datastore, Cloud DNS, Cloud Load Balancing, Cloud Spanner, Container Registry, Kubernetes Engine, and Virtual Private Cloud; 13 IAM roles added for fine grained access control across Cloud SCC; expanded client libraries including Java, Node, and Go; and self-serve partner security sources, such as Cavirin, Chef, and Redlock, via GCP Marketplace.”