At the Google Cloud Next conference in San Francisco, Google rolled out several new security services and features for enterprise customers, including a number of enhancements in Cloud Security Command Center[1] (Cloud SCC). The security management and data risk platform, which helps GCP users manage threats across services like App Engine, BigQuery, Cloud Storage and Compute Engine, is now generally available.
One new Cloud SCC feature, now in alpha, is Security Health Analytics. It automatically scans GCP infrastructure to surface problems like configuration issues with public storage buckets, open firewall ports, stale encryption keys or deactivated security logging.
Cloud SCC can now also sign up for the beta Event Threat Detection program. It scans Stackdriver logs for suspicious activity in your GCP environment, distills findings, and flags them for remediation. Some of the threats it scans for include malware, crypto mining and outgoing DDoS attacks. Cloud SCC also offers new integrations with Capsule8, Cavirin, Chef, McAfee, Redlock, Stackrox, Tenable.io, and Twistlock.
The Cloud SCC announcements were part of the announcements at Google Cloud Next that showcase the way Google is improving the security in the cloud -- in other words, how Google is empowering business users to manage their own security.
According to Michael Aiello, director of product management for cloud security at Google, the company has started to think about its work in cloud security in three different categories: security of the cloud, security in the cloud and security services. Security of the cloud refers to the parts of cloud security that providers like Google should be directly responsible for. Meanwhile, security services are SaaS products that Google takes directly to market.
"Overall, the mission is to build