View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cloud
December 5, 2018

Google to Amazon: We’ll See Your Security Hub and Raise You a Command Centre

Google Cloud releases new centralised security database

By CBR Staff Writer

Dominant cloud provider Amazon Web Services (AWS)’s launch of the AWS Security Hub was among its headline announcements at last week’s re:Invent summit.

The hub aggregates and automatically prioritises security alerts and findings across endpoint protection,  compliance scanners and more.

Days later Google Cloud wants the market to know that it also launched a “Cloud Security Command Centre” (or “Cloud SCC – shall we call it a hub?) – and (curse you, AWS) was “the first major cloud provider to offer organization-level visibility into assets, vulnerabilities, and threats” with its alpha launch of the tool in March 2018.

Google Cloud Security Command Centre: A Hub for Improved Visibility, Action

The hub allows users to view which Cloud Storage buckets are publicly accessible, identify VMs with public addresses, discover overly permissive firewall rules, and be alerted to instances that may have been compromised to perform coin mining.

“With this tool, security teams can answer questions like ‘Which cloud storage buckets contain PII?’, ‘Do I have any buckets that are open to the Internet?’ and ‘Which cloud applications are vulnerable to XSS vulnerabilities?'” Google Cloud said.

Users can also see if users outside of your designated domain, or GCP organization, have access to your resources. It also integrates with third-party cloud security solutions from vendors such as Cavirin, Chef, and Redlock.

This is a growing request for cloud users, who increasingly face the challenge of identifying precisely where it is that their perimeter and a cloud’s begin and end; with the notion of “shared responsibility” making nobody entirely happy. Meanwhile, having a single dashboard for all cloud security tools and some on-prem ones too is a winner.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

“By integrating partner solutions with Cloud Security Command Center, you can get a comprehensive view of risks and threats all in one place without having to go to separate consoles” said Andy Chang, a senior product manager at Google Cloud in a blog shared Wednesday.

“It includes expanded coverage across GCP services including Cloud Datastore, Cloud DNS, Cloud Load Balancing, Cloud Spanner, Container Registry, Kubernetes Engine, and Virtual Private Cloud; 13 IAM roles added for fine grained access control across Cloud SCC; expanded client libraries including Java, Node, and Go; and self-serve partner security sources, such as Cavirin, Chef, and Redlock, via GCP Marketplace.”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.