Delivering Container Security in the Google Cloud Security Command Center

One of the most basic challenges a security team faces can sometimes simply be getting a handle on what assets exist where, and what exposures and issues affect them.

So, we’re excited to announce that we’ve expanded our existing partnership with Google Cloud Platform to bring detailed security context to container resources in the Google Cloud Security Command Center (SCC). Our customers on Google Kubernetes Engine (GKE) can easily configure StackRox Prevent or StackRox Detect and Respond to send real-time container security exposures and alerts to the Cloud SCC. There, security teams can view the current vulnerabilities, exposures, and alerts in their clusters alongside risks in other types of cloud resources. StackRox presents the most important high-level information right in the Cloud SCC, but with one click, the user can move back to their StackRox security products to begin investigation and response.

A Quick Tour of Cloud SCC

Cloud SCC is organized around assets — cloud projects and resources under your Google Cloud Platform organizations — and findings — security exposures or alerts about those assets. StackRox customers will see a quick summary of their StackRox findings on the Cloud SCC dashboard.

Each finding corresponds to a security issue uncovered in a Kubernetes Engine cluster by one of our products — threats like cryptocurrency mining, privilege escalation, or suspicious network behavior, and risks like vulnerable images or over-privileged deployments. In the Findings Inventory, we see a list of security incidents uncovered by StackRox products in the organization’s Kubernetes Engine clusters. A security team member can use this page to find the most critical security exposures to investigate.

After opening a StackRox finding, the user has enough information to quickly assess the exposure: In which cluster is this issue present? Which application does it affect? For how long has it been active? What sort of issue is this, and how severe is it? Has StackRox responded to the issue already, following the organization’s policies?

The user can find all the relevant data in their StackRox portal with one click and explore other security context, including deployment risk indicators in StackRox Prevent and container activity in StackRox Detect and Respond.

This feature is available now to all StackRox customers running Prevent, or Detect and Respond. Already running StackRox? Just configure a single integration and you’ll start receiving rich container security information in Cloud SCC!

Does your business run on Google Kubernetes Engine (GKE)? Contact us to learn how we reduce risk and detect emerging threats in your applications, and see how we deliver comprehensive container security data to Cloud SCC.

Not on GKE? We protect your containerized applications on a variety of platforms. Contact us for a demo.