Vulnerability Scanning in GCP
Some Tools that can be used within GCP for OS Level Security Scans
Top Level Tool - Security Command Center (Premium Tier)
This is where you will see any alerts , dashboards etc..
Compute Instance Scanner (Web Security Scanner)
This is an app layer - OWASP threat scanner.
IAM Scanner
Looks at identities and role assignments. For e.g. if a service account is able to call all Google APIs, this would show up on the IAM Scan.
Deep Vulnerability Scanner
For containerized and other cloud native workloads, a tool like Aqua Security can perform deep scans, including host level scans. Automatic remediation is part of the tool's capabilities.
Need an experienced AWS/GCP/Azure Professional to help out with your Public Cloud Strategy? Set up a time with Anuj Varma.
Leave a Reply