Cloud Security, Channel partners, Content

Google Cloud Security Command Center: Beta Testing Starts

Google Cloud Security Command Center (Cloud SCC) beta tests have started, according to a prepared statement. An alpha version previously was released in March.

The beta release provides Google Cloud Platform customers with organization-level visibility into assets, vulnerabilities and threats, the company indicated. It also offers a variety of features, including:

  • 13 identity and access management (IAM) roles.
  • Asset discovery.
  • Java, Node, Go and other client libraries.
  • Self-serve onboarding.
  • Self-serve partner security sources.

The Cloud SCC beta is now available via the GCP Marketplace.

Cloud SCC: Here's What You Need to Know

Key features of Cloud SCC include:

  • Access control monitoring.
  • Anomaly and application vulnerability detection.
  • Asset discovery and inventory.
  • Real-time notifications.
  • Sensitive data identification.

Security teams can use Cloud SCC to analyze GCP infrastructure, configuration, application and data risks, Google stated. They also can view and monitor an inventory of an organization's cloud assets, receive security updates, scan cloud storage, identify web vulnerabilities and review access rights to critical resources via a single, centralized data platform and dashboard.

Cavirin Systems Adds Cloud SCC Support

Early partners include Cavirin Systems, a company that specializes in hybrid cloud cybersecurity risk and compliance posture management. Cavirin has integrated its CyberPosture Intelligence platform with Cloud SCC. Now, GCP customers can leverage the Cloud SCC Dashboard in conjunction with CyberPosture Intelligence for security assessments, monitoring, scoring and remediation.

The Cavirin-Cloud SCC integration provides GCP customers with the following capabilities:

  • Discovery of and visibility into container and virtual machine (VM) GCP workloads.
  • Support for the Center for Internet Security (CIS) GCP Foundation Benchmark and GCP Network Policy Pack security posture best practices.
  • Integration to Google StackDriver activity logs to identify new or modified resources.
  • Integration to the Google Container Registry for image assurance.
  • Roll-back and auto-remediation via Google Functions to various configurations.
  • Visibility into GCP services and resources.

CyberPosture Intelligence empowers organizations with risk, cybersecurity and compliance management capabilities, according to Cavirin. It also offers real-time visibility, predictive analytics and remediation via development and security operations (DevSecOps) integrations.

Google Cloud Platform: Under Pressure?

Although Google Cloud Platform is growing, it's difficult to determine if the platform's revenues are keeping pace with Amazon Web Services (AWS) and Microsoft Azure.

Indeed, Google has not disclosed GCP revenues during recent earnings call. Diane Greene, CEO of the division, recently disclosed her decision to leave the company. Former Oracle President Thomas Kurian is set to succeed Greene, the company confirmed in November 2018.

Additional insights from Joe Panettieri.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.