Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from http://cloud.google.com/security-command-center/docs/how-to-configure-security-command-center below:

Configure Security Command Center services

Two types of services run on Security Command Center: built-in services and integrated services. Built-in services are part of Security Command Center. Integrated services are Google Cloud or third-party services that provide findings to Security Command Center.

This page describes how to configure built-in services and integrated services.

The following built-in services are part of Security Command Center:

• AI Protection (Preview)
• Container Threat Detection: Premium and Enterprise service tiers only
• Cloud Run Threat Detection (Preview): Premium and Enterprise service tiers only
• Compliance Manager (Preview): Enterprise service tier only
• Data Security Posture Management (Preview): Enterprise service tier only
• Event Threat Detection: Premium and Enterprise service tiers only
• Notebook Security Scanner (Preview): Premium and Enterprise service tiers only
• Security Health Analytics
• Security posture: Premium and Enterprise service tiers only
• Sensitive Actions Service
• Virtual Machine Threat Detection: Premium and Enterprise service tiers only
• Vulnerability Assessment for Amazon Web Services (AWS): Enterprise service tier only
• Web Security Scanner

You can't enable or disable the Security posture service; it is available by default when you activate the Security Command Center Enterprise tier.

Most built-in services can be enabled for your entire organization or just for selected folders or projects. By default, folders and projects inherit service enablement settings from their parent organization or folder.

The Vulnerability Assessment for AWS service can be enabled only for a Google Cloud organization and requires that you establish a connection between Security Command Center and AWS.

The Container Threat Detection service can be enabled only for clusters. For information about required permissions for Container Threat Detection, see Required IAM permissions.

To enable or disable a Security Command Center service for a resource, do the following:

1. In the Google Cloud console, go to the Security Command Center page.

   Go to Security Command Center

2. Select the organization, folder, or project for which you need to manage services.

3. Click settings Settings.

4. For the service that you want to modify, click Manage settings.

5. On the Service enablement tab, in the hierarchical view of resources, select the organization, folder, project, or container for which you need to enable the service. If you are enabling the Vulnerability Assessment for AWS service, select Enable.

6. For that resource, set the service to Enable, Disable, or Inherit.

Some services, like Security Health Analytics, operate using batch scans. When you disable such a service, the change might not be reflected immediately. The change is effective after all ongoing batch scans are complete. This can lead to a scenario where new vulnerabilities are still detected for a short period after you disable the service.

For some services (for example, Security Health Analytics), you can enable or disable certain detectors, also known as modules. To configure the detectors of a service and view their current statuses, do the following:

1. In the Google Cloud console, go to the Security Command Center page.

   Go to Security Command Center

2. Select the organization, folder, or project for which you need to manage services.

3. Click settings Settings.

4. For the service that you want to view, click Manage settings.

5. Click the Modules tab. The service's detectors are displayed, along with their respective statuses.

6. Find the detector that you want to modify, and set its status to Enable or Disable.

You can add an integrated service to an organization-level activation of Security Command Center. Project-level activations don't support integrated Google Cloud services.

Security Command Center provides the following integrated services:

• Assured Open Source Software (Assured OSS): Enterprise service tier only
• Mandiant Attack Surface Management: Enterprise service tier only
• Anomaly Detection
• Cloud Armor
• IAM Recommender: Premium and Enterprise service tiers only
• Sensitive Data Protection
• VM Manager (Preview): Premium and Enterprise service tiers only

For more information about these services, see Detection services for vulnerabilities and threats.

To enable an integrated service, follow these steps:

1. In the Google Cloud console, go to the Security Command Center page.

   Go to Security Command Center

2. Select your organization or project.

3. Click settings Settings.

4. Click the Integrated services tab.

5. Next to the integrated source that you want to enable, click the Status list and select Enable.

Findings from the services that you enable are displayed on the Findings page in the Security Command Center dashboard.

Some Google Cloud security services require additional integration steps that you must complete. See the following:

• To configure the Assured OSS integration, see Integrate with Assured OSS.
• To configure the Sensitive Data Protection integration, see Integrate with Sensitive Data Protection.

To disable an integrated service, next to its name, click the list and select Disable.

Organization-level activations of Security Command Center can display findings from third-party security services that have registered as Cloud Marketplace partners.

Project-level activations of Security Command Center don't support third-party services.

To integrate security services that aren't registered as Cloud Marketplace partners, ask the providers to complete the guide to Onboard as a Security Command Center partner.

To add a new third-party security service to Security Command Center, you set up the security service, and then enable it in the Google Cloud console.

To add a security service for a registered Cloud Marketplace partner, you need the following:

• The following Identity and Access Management (IAM) roles:
  • Security Center Admin (roles/securitycenter.admin)
  • Service Account Admin (roles/iam.serviceAccountAdmin)
• A Google Cloud project that you want to use for the security service.

To set up a third-party security service, you need a service account for that service. When you add the new security service, you can choose from the following service account options:

• Create a service account.
• Use your own existing service account.
• Use a service account from the service provider.

To set up a new security service that's already registered as a Cloud Marketplace partner, complete the following:

1. Go to the Security Command Center Services Marketplace page in the Google Cloud console.

   Go to Marketplace

2. The Marketplace page displays security services that are directly associated with Security Command Center.

   • If you don't see the security service that you want to add, search for Security, and then select the security service provider.
   • If the security service provider isn't registered in the Cloud Marketplace, ask your provider to complete the guide to Onboard as a Security Command Center partner.

3. On the security service provider page in the Cloud Marketplace, follow any provider setup instructions in the Overview.

When configured correctly, the security service you added is available in Security Command Center.

After you set up a new security service, you need to enable it in the Google Cloud console.

Third-party security services use service accounts that might be outside your organization.

To enable a third-party service, follow these steps:

1. In the Google Cloud console, go to the Security Command Center page.

   Go to Security Command Center

2. Select your organization or project.

3. Click settings Settings.

4. Click the Integrated services tab.

5. Next to the integrated source that you want to enable, click the Status list and select Enable.

Findings from the services that you enable are displayed on the Findings page in the Security Command Center dashboard.

You can change the service account used for a third-party security service, for example to address service account leakage or rotation. To change the service account for a security service, you need to update it in the Google Cloud console. Afterward, follow the service provider's instructions to update the service account for their service.

1. In the Google Cloud console, go to the Security Command Center page.

   Go to Security Command Center

2. Select your organization or project.

3. Click settings Settings.

4. Click the Integrated services tab.

5. In the drop-down list next to the integrated service:

   1. Select Disabled to temporarily disable the integrated service.
   2. Select Manage service account.

6. On the Edit provider panel that appears, enter the new service account, then click Submit.

7. In the drop-down list next to the integrated service, select Enabled to enable the security service.

When configured correctly, the service account for the integrated service is updated in Security Command Center. Follow the service provider's instructions to update the service account information for their service.

• Learn about Google Cloud security services and how to view the vulnerabilities and threats they surface.
• Learn how to optimize Security Command Center.
• Export logs to Cloud Logging.
• Configure attack exposure scores to assess risk.

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4