Delivering Container Security in the Google Cloud Security Command Center

One of the most basic challenges a security team faces can sometimes simply be getting a handle on what assets exist where, and what exposures and issues affect them.

So, we’re excited to announce that we’ve expanded our existing partnership with Google Cloud Platform to bring detailed security context to container resources in the Google Cloud Security Command Center (SCC). Our customers on Google Kubernetes Engine (GKE) can easily configure the StackRox Kubernetes Security Platform to send real-time container security exposures and alerts to the Cloud SCC. There, security teams can view the current vulnerabilities, exposures, and alerts in their clusters alongside risks in other types of cloud resources. StackRox presents the most important high-level information right in the Cloud SCC, but with one click, the user can move back to StackRox to begin investigation and response.

A Quick Tour of Cloud SCC

Cloud SCC is organized around assets — cloud projects and resources under your Google Cloud Platform organizations — and findings — security exposures or alerts about those assets. StackRox customers will see a quick summary of their StackRox findings on the Cloud SCC dashboard.

Each finding corresponds to a security issue uncovered in a Kubernetes Engine cluster by StackRox — threats like cryptocurrency mining, privilege escalation, or suspicious network behavior, and risks like vulnerable images or over-privileged deployments. In the Findings Inventory, we see a list of security incidents uncovered by StackRox in the organization’s Kubernetes Engine clusters. A security team member can use this page to find the most critical security exposures to investigate.

After opening a StackRox finding, the user has enough information to quickly assess the exposure: In which cluster is this issue present? Which application does it affect? For how long has it been active? What sort of issue is this, and how severe is it? Has StackRox responded to the issue already, following the organization’s policies?

The user can find all the relevant data in their StackRox portal with one click and explore other security context, including deployment risk indicators and container activity.

This feature is available now to all StackRox customers running the StackRox Kubernetes Security Platform. Already running StackRox? Just configure a single integration and you’ll start receiving rich container security information in Cloud SCC!

Does your business run on Google Kubernetes Engine (GKE)? Contact us to learn how we reduce risk and detect emerging threats in your applications, and see how we deliver comprehensive container security data to Cloud SCC.

Not on GKE? We protect your containerized applications on a variety of platforms. Contact us for a demo.