We’re excited to announce today that we’ve added support for the latest version of the Google Cloud Security Command Center (Cloud SCC). StackRox has collaborated with the Cloud SCC team as part of our Google Cloud partnership since Cloud SCC’s alpha release, and we’re excited that the platform is now generally available.
The StackRox Kubernetes Security Platform enables customers to meet their security and compliance requirements across the container lifecycle, and we’ve integrated deeply with Kubernetes to deliver the key capabilities essential to an effective container security solution.
Our Cloud SCC integration identifies security risks and real-time threat detection results in Google Kubernetes Engine (GKE) clusters and sends them to Cloud SCC. Cloud SCC then makes those findings available in one place alongside problems with other cloud resources across the customer’s Google Cloud organization. We make the most important information available right in the familiar Google Cloud Console, but users can easily return to StackRox to dig in deeper on investigation and response.
Cloud SCC is organized around assets — clusters, virtual machines, and other resources in your Google Cloud Platform organizations — and findings — security exposures or alerts about those assets. Findings are provided by security sources like StackRox.
To start seeing StackRox findings, use the Cloud SCC dashboard to set up a new security source. Once you’ve finished the integration, you’ll see a quick summary of your StackRox findings on the Cloud SCC dashboard.
The StackRox Kubernetes Security Platform automatically determines which cluster it’s running in and sends the right data to Cloud SCC. You can view each cluster separately to find out which findings StackRox has identified.
Each finding is a security issue uncovered in one of your Kubernetes Engine clusters—including threats like cryptocurrency mining, reverse shell execution, or privilege escalation, or risks like vulnerable images or insecure cluster configurations. While you’re configuring StackRox policies, you can decide which types of issues you send to Cloud SCC.
The findings inventory shows all of the identified issues across your clusters. You can use this page to filter findings and prioritize the most critical security exposures to look into.
You can see some of the most important information at a glance in the table: In which cluster is this issue present? Which application does it affect? What sort of issue is at hand, and how severe is it?
To see all the data StackRox sends to Cloud SCC, select a finding. The finding detail view answers more questions: Why was an alert raised? For how long has it been active? Has StackRox responded to the issue already, following the organization’s policies?
To continue your response, you can select the provided link to get even more data in the StackRox portal.
This feature is available now to all StackRox customers. Already running the StackRox Kubernetes Security Platform? Just configure a simple integration and you’ll start receiving rich risk context and threat detection results in Cloud SCC!
Does your business run on Google Kubernetes Engine (GKE)? Contact us to learn how we reduce risk and detect emerging threats in your applications, and see how we deliver comprehensive container security information to Cloud SCC.
Not on GKE? We protect your applications and infrastructure wherever you run Kubernetes or OpenShift — in the cloud or on-premises. You can ask for a personal demo anytime.