Editor’s note: This is the last installment of our six-part blog series on how to use Cloud Security Command Center. There are links to the five previous installments at the end of this post.
When you deploy new Google Cloud services, you need visibility into what’s running and how you can improve their security. If you don’t, your organization might not be aware of risky misconfigurations that leave you susceptible to attacks.
To help you find misconfigurations, and respond quickly to them, we developed Security Health Analytics, and built it into Cloud Security Command Center (Cloud SCC). Security Health Analytics gives you visibility into misconfigurations in your GCP resources and provides actionable recommendations for how to fix them. In this blog, we’ll take a closer look at Security Health Analytics, and provide a video where you can learn more.
Enabling Security Health Analytics
Since Security Health Analytics is built in to Cloud SCC, to use it you just need to have one of two roles: the Organization Administrator Cloud Identity and Access Management (Cloud IAM) role or the Security Center IAM role.
Viewing different types of misconfigurations
You can see the Security Health Analytics card–which lists its findings and the types of misconfigurations present in your environment–directly from Vulnerabilities dashboard in Cloud SCC. There is a long list of vulnerabilities Security Health Analytics can identify, including:
Firewall rules that are configured to be open to public access
Cloud Storage buckets that are publicly accessible
Instances configured with public IP addresses
Instances with SSL not being enforced
Resources where the Web UI isn’t enabled
You can find the full list of potential findings in the documentation.