Source: Find and fix misconfigurations in your Google Cloud resources from Google Cloud
Editor’s note: This is the last installment of our six-part blog series on how to use Cloud Security Command Center. There are links to the five previous installments at the end of this post.
When you deploy new Google Cloud services, you need visibility into what’s running and how you can improve their security. If you don’t, your organization might not be aware of risky misconfigurations that leave you susceptible to attacks.
To help you find misconfigurations, and respond quickly to them, we developed Security Health Analytics, and built it into Cloud Security Command Center (Cloud SCC). Security Health Analytics gives you visibility into misconfigurations in your GCP resources and provides actionable recommendations for how to fix them. In this blog, we’ll take a closer look at Security Health Analytics, and provide a video where you can learn more.
Enabling Security Health Analytics
Since Security Health Analytics is built in to Cloud SCC, to use it you just need to have one of two roles: the Organization Administrator Cloud Identity and Access Management (Cloud IAM) role or the Security Center IAM role.
Viewing different types of misconfigurations
You can see the Security Health Analytics card—which lists its findings and the types of misconfigurations present in your environment—directly from Vulnerabilities dashboard in Cloud SCC. There is a long list of vulnerabilities Security Health Analytics can identify, including:
Firewall rules that are configured to be open to public access
Cloud Storage buckets that are publicly accessible
Instances configured with public IP addresses
Instances with SSL not being enforced
Resources where the Web UI isn’t enabled
You can find the full list of potential findings in the documentation.
Taking action on a misconfiguration
When you click on a finding, you get a short description of the issue, as shown in the diagram below. This description includes the GCP asset or resource impacted, how it was detected, an overview of the issue, and even a step-by-step recommendation on how to fix it.
The recommendation, under the “Remediation” heading, provides a link to the impacted resource. Once there, all you need to do is follow the recommendations and click save.
Video: Start using Security Health Analytics today
To see how you can set up Security Health Analytics for your GCP environment, take a look at the video embedded below.
Previous blogs in this series: