Blog

Favorite Google Cloud Service: Google Cloud Security Command Center Premium

Xebia Background Header Wave

Introducing the Service

To help users secure their cloud assets, Google Cloud Platform (GCP) provides many security tools that natively integrate with GCP services, including tools for key management, identity and access management, logging, monitoring, security scanners, asset management, and compliance.

Generally, security experts never disclose secrets, but today, we sat down with Jorge Liauw Calo, one of Xebia’s Google Cloud Security Engineers, and spoke about the security services that you can use in the Google Cloud to protect your infrastructure and workloads. Specifically, Jorge’s favorite Google Cloud Security Service; is Google Cloud Security Command Center Premium.

In this blog Jorge will take us along the what, why, and how of the Google Cloud Security Command Center Premium (SCC).

What is the Google Cloud Security Command Center?

Let’s start with the “what”. The SCC is a native service provided by Google with the goal of:

  • Gaining centralized visibility and control
  • Discovering misconfigurations and vulnerabilities
  • Reporting on and maintaining compliance
  • Detecting threats targeting your Google Cloud assets

Through a system of alerts and security scans, this service allows you to have a great single pane of glass about potential threats and misconfigurations of your Cloud. During the interview, Jorge explained it in one simple sentence;

“It is like the State of the Union Address but for your Cloud environment, and instead of being once a year it is anytime any vulnerabilities are detected (real-time), it is incredibly useful for good insights and to know which safeguard to implement on your cloud.”

Why is the Google Cloud Security Command Center a Solid Security Service?

So “why” is the SCC one of the best cloud-native security services? According to Liauw Calo, it is due to its great detection capability and practical use. SCC is pretty hands-on and gives you an overview of the security of your Cloud, where one can see the criticality and severity of the threats and misconfiguration.

“It is a great starting point for clients to understand what their security risks are and prioritize where to start fixing it,” said Jorge.

In addition, the SCC also informs users on how to solve the detected issues.SCC screeshotSCC screenshot 2

How does the Google Cloud Security Command Center keep users informed about their security?

After explaining the “what” and the “why”, Jorge dives into “how” SCC provides a great security service.

Security Command Center really helps our clients to turn insights into actions. The findings are a great starting point to improve and fix security in the short and long run.SCC screenshot 3

So how does SCC provide such a strong security service, well these are some of the reasons:

  1. Provides an overview of what the most severe security risks are in your Cloud.
  2. Detects and prevents security weaknesses in an early stage, giving you the ability to fix them before they are exploited by hackers.
  3. Real-time insights on the security issues
  4. Monitor and maintain compliance
  5. Managed Compliance rules (PCI-DSS, NIST, ISO27001)
  6. Increase detection of threats for Virtual Machines (VMs) and Containers
  7. Real-time alerts of high and critical severity findings
  8. Every DevOps will own its dashboard to have insights into the security status of their project
  9. Use Security Command Center as a source to create dashboarding for business stakeholders like CISO and CTO
  10. Integration with other Google services and security solutions like Chronicle (SIEM) and Siemplify (SOAR)

Conclusion

By using the interview with security expert Jorge Liauw Calo, this blog has touched upon “why”, “how”, and “what” the Security Command Center entails. Jorge explained in great detail what makes this Google cloud-native security service excellent for companies, and why it provides detailed and precise security intel. If you are curious about what Security Command Center can do for your Cloud Security, schedule a demo with Jorge Liauw Calo.

Jorge Liauw Calo
I’m a Cloud Security Architect with experience and a focus on Google Cloud. With topics such as security reviews, infrastructure security, network security, vulnerability management and security monitoring are things I help to introduce and/or improve at our customers. I like to learn new skills and improve my capabilities in Google Cloud and Cloud Security. For Xebia Cloud I am the Practise Lead for Cloud Security. Besides working with Cloud and Security, I spend a lot of time staying in shape by training for and participating in marathons.
Questions?

Get in touch with us to learn more about the subject and related solutions

Explore related posts