Some Tools that can be used within GCP for OS  Level Security Scans

Top Level Tool - Security Command Center (Premium Tier) 

This is where you will see any alerts , dashboards etc..

Compute Instance Scanner  (Web Security Scanner)

This is an app layer - OWASP threat scanner.

IAM Scanner

Looks at identities and role assignments. For e.g. if a service account is able to call all Google APIs, this would show up on the IAM Scan.

Deep Vulnerability Scanner

For containerized and other cloud native workloads, a tool like Aqua Security can perform deep scans, including host level scans. Automatic remediation is part of the tool's capabilities.




Need an experienced AWS/GCP/Azure Professional to help out with your Public Cloud Strategy? Set up a time with Anuj Varma.