Security Command Center

Architecture

For more details on Security Command Center:

• Marco Lancini Security Logging in Cloud Environments - GCP

General Info

• Provides a single, centralized dashboard to view and monitor an inventory of the cloud assets
• Use cases:
  • Gives centralized visibility into cloud resources
  • Uncovers machines that are being used for malicious purposes
  • Integrates with both Google and third-party security tools
  • Helps meet compliance requirements

Characteristics

• Functioning
  • Scans for assets at least once a day
  • Dashboard displays any findings (possible security risks)
  • Findings come from Google Cloud, third-party solutions, or other security detectors
• Requires two IAM administrative permissions to set up
  • Organization Administrator role: roles/resourcemanager.organizationAdmin
  • Security Center Admin role: roles/securitycenter.admin
• Integrates with:
  • Anomaly detection from Google
  • Event Threat Detection
  • Web Security Scanner
  • Cloud Data Loss Prevention