Safety Command Heart (SCC) is our native Google Cloud product that helps handle and enhance your cloud safety and danger posture. As a local providing, SCC is continually evolving and including new capabilities that ship extra perception to safety practitioners. We’ve simply launched new capabilities in Safety Command Heart Premium that allow organizations to enhance their safety posture and effectively handle danger for his or her Google Cloud surroundings. SCC now helps CIS benchmarks for Google Cloud Platform Basis v1.1, enabling you to observe and handle compliance violations in opposition to trade finest practices in your Google Cloud surroundings. Moreover, SCC now helps fine-grained entry management for directors that lets you simply adhere to the ideas of least privilege – limiting entry primarily based on roles and tasks to cut back danger and enabling broader workforce engagement to deal with safety.
Safety Command Heart with its native safety and danger administration capabilities is utilized by enterprises the world over to guard their surroundings by gaining visibility into cloud property, discovering misconfigurations and vulnerabilities in sources, detecting threats concentrating on Google Cloud property, and sustaining compliance primarily based on trade requirements and benchmarks. These new capabilities additional improve enterprise safety groups’ capability to show accountability and transparency of their Cloud compliance stance and acquire operational effectivity with scoped entry.
Enhance your safety posture with CIS Google Cloud Basis 1.1 benchmark
Organizations can now monitor and see how their Google Cloud surroundings stacks up in opposition to CIS Google Cloud Computing Foundations Benchmark v1.1. The CIS benchmark supplies steering for securing the GCP surroundings that may assist organizations defend from widespread cyber threats and enhance their total safety posture. CIS 1.1 expands protection to further Google Cloud providers and refines directions and steering.
With this launch in SCC, you possibly can repeatedly monitor sources and coverage violations in opposition to widespread safety controls described within the CIS Google Cloud Basis 1.1 and authorized by the Heart for Web Safety for alignment with CIS Google Cloud Computing Foundations Benchmark v1.1.zero.
Safety Well being Analytics is a built-in service in Safety Command Heart that gives misconfiguration findings throughout your GCP surroundings together with suggestions to remediate these findings. These findings are mapped to the supported compliance requirements and trade finest practices, supplying you with the flexibility to prioritize actions primarily based on the compliance regime relevant to your group.
SCC supplies a one-click compliance dashboard, making it seamless to get a whole view of the place your surroundings is passing and failing in opposition to the CIS 1.1 benchmarks. It provides you fast posture stance metrics in opposition to the totally different ranges in CIS 1.1 benchmarks – Stage 1 is taken into account as a base suggestion to decrease the assault floor and Stage 2 is taken into account as a finest follow for safety acutely aware organizations.
The CIS 1.1 report signifies the variety of controls which might be handed, what number of should be addressed, and remediation steps for addressing the failed controls in opposition to the usual. It additionally supplies an export functionality that permits you to simply show your compliance stance to inner and exterior audit groups.