5 steps to improve your cloud security posture with Cloud Security Command Cente...
source link: https://chinagdg.org/2019/08/5-steps-to-improve-your-cloud-security-posture-with-cloud-security-command-center/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
5 steps to improve your cloud security posture with Cloud Security Command Center
Source: 5 steps to improve your cloud security posture with Cloud Security Command Center from Google Cloud
Editor’s note:This the first blog in our six part series on how to use Cloud Security Command Center.
One of the great benefits of cloud-based services is how easy they are to deploy. However, this ease of deployment can make it so your organization isn’t always aware of exactly what services you’re running.
When you combine this with the increasing volume of cyber attacks, it becomes clear that you need to be able to see what resources you’re running, the vulnerabilities and threats present, and how to fix them before they can result in damage or loss.
Cloud Security Command Center (Cloud SCC) helps you with all of these tasks by providing a centralized dashboard to help you prevent, detect, and respond to threats in your GCP environment. You can start improving your cloud security posture today in five steps.
Step 1: Set up Cloud IAM permissions
To use Cloud Security Command Center, someone in your organization needs to have the Security Center IAM role. This role provides access to Cloud SCC and ensures that users with the role assigned have the right level of permissions to complete their tasks.
Step 2: Enable Cloud Security Command Center
Cloud Security Command Center is not enabled by default, giving you the flexibility to choose where you want to use it. We recommend that you enable Cloud SCC for organizations running development, testing, and production workloads.
To enable Cloud SCC, you’ll also need to turn on Asset Monitoring. This allows Cloud SCC to discover what GCP assets—our term for resources—you’re running in Google Cloud.
Step 3: Turn on Security Sources
Once you’ve enabled Cloud SCC, you can toggle on our built-in features and products to see the security state of your GCP assets. These features and products can surface information such as misconfigured identity and access management policies, leaked credentials, or what storage buckets contain sensitive and regulated data.
We recommend that you turn on all our built-in capabilities and products to increase your visibility into misconfigurations, vulnerabilities, and threats in your environment.
Step 4: View your security state by Assets
Now that you’ve turned on Cloud Security Command Center, Asset Monitoring, and Security Sources, you can see the security state of your GCP assets. Looking at your security state by project within Assets lets you see issues related to a specific project.
You can also view your security state by asset type. This lets you see the state of your organization at a specific time, or check out which assets have changed, so you can look for unauthorized modifications.
Step 5: View your security state by Findings
Findings are what Cloud SCC has discovered about your assets or resources.
You can filter your findings by type, the issue Cloud SCC discovered with your resource, or by source (the feature or product that found the issue). You can also filter findings based on time, so you can quickly gain insight into all the security issues surfaced at a particular time.
Cloud SCC in action
To learn more about how to get started with Cloud SCC, and see it in action, check out our video.
Recommend
-
48
CloudSploit by Aqua - Cloud Security Scans Quick Start Generic $ git clone https://github.com/aquasecurity/cloudsploit.git $ cd cloudsploit $ npm install $ ./index.js -h Docker
-
1
Threat Update 65 – What is Cloud Security Posture Management (CSPM)? Data Security ...
-
12
Improve your posture with a real-time monitoring app for Mac
-
8
The Top 5 Apps That Help You Improve Your Posture By Lindsay E. Mack Published 15 hours ago Maintain a healthy spine an...
-
2
How cross-operational teams can improve security posture
-
5
How Onyxia uses security AI to help CISOs improve their security posture
-
5
Former Member Mar 19, 2009 at 10:31 AM Profit center balances transfer from old profit centers to new profit cente 426 Views
-
6
Introducing Automated Posture Management: Fix Cloud Security Risks with One-Click By 2025, more than 99% of cloud breaches will have a root cause of preventable misconfigurations or...
-
7
Improve Security Posture with Static Application Security Testing (SAST) SAST discovers potential issues in source code by analyzing code without actually...
-
9
Emerging trends in cloud computing: AI, multicloud and edge computing take center stage
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK