Google recently announced several new updates to its Security Command Center (SCC) with a pay-as-you-go pricing model and two options: project-level deployment and self-service enablement.
Key features
Asset discovery and inventory
Ability to discover and view your assets in near real-time in App Engine, BigQuery, Cloud SQL, Cloud Storage, Compute Engine, Cloud Identity and Access Management, Google Kubernetes Engine, etc. Viewing historical discovery scans to identify new, modified or deleted assets is also one of the new platform’s hardware features.
Threat prevention
With the new features, you can understand the security status of your Google Cloud assets. Users can also discover common web application vulnerabilities such as cross-site scripting or outdated libraries in your web applications running on App Engine, GKE and Compute Engine.
Threat detection
Detects threats using logs running in Google Cloud at scale. Detecting kryptonite threats and some of the most common container attacks, including suspicious binary, suspicious library, and reverse wrapper.
In addition to project-level activation, SCC now supports self-activation, providing full self-service execution for individual projects.
Other cloud service providers such as Microsoft and AWS offer similar security platforms natively in their cloud offerings like SCC. For example, Microsoft’s Defender for Cloud is a security management platform that provides threat protection, security policy enforcement, and security analytics across Azure and hybrid environments. And AWS has Security Hub, a security management platform that integrates with other AWS security services.