docs/integrations/google/cloud-security-command-center.md
10 additions & 10 deletions
@@ -360,7 +360,7 @@ This App uses [Findings](https://cloud.google.com/security-command-center/docs/f
360
360
},
361
361
"muteUpdateTime": "2025-06-25T16:27:20Z",
362
362
"parentDisplayName": "Vulnerability Assessment",
363
-
"description": "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:\n\n- Unbounded memory buffering in the HPACK parser\n- Unbounded CPU consumption in the HPACK parser\n\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\n\nThe unbounded memory buffering bugs:\n\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\n- HPACK varints have an encoding quirk whereby an infinite number of 0\u2019s can be added at the start of an integer. gRPC\u2019s hpack parser needed to read all of them before concluding a parse.\n- gRPC\u2019s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc\u2026",
363
+
"description": "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:\n\n- Unbounded memory buffering in the HPACK parser\n- Unbounded CPU consumption in the HPACK parser\n\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\n\nThe unbounded memory buffering bugs:\n\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4-gigabyte string before rejecting it as longer than 8 or 16kb.\n- HPACK varints have an encoding quirk whereby an infinite number of 0\u2019s can be added at the start of an integer. gRPC\u2019s hpack parser needed to read all of them before concluding a parse.\n- gRPC\u2019s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc\u2026",
364
364
"files": [
365
365
{
366
366
"diskPath": {
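Review bot: The "description" value changed at line 363 sits inside the sample finding JSON, next to "muteUpdateTime" and "parentDisplayName", so it reads as captured payload rather than authored prose. If it is a verbatim sample, hyphenating "4-gigabyte" makes the documented message differ from what a reader will see in their own findings, and the line is better left as received. If the sample is meant to be edited for style, the same string still contains "allows hpack table accounting errors could lead" and "exceptional cases/ Three vectors", which should be fixed in the same pass instead of correcting one word.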
@@ -431,7 +431,7 @@ This App uses [Findings](https://cloud.google.com/security-command-center/docs/f
@@ -493,19 +493,19 @@ import ViewDashboards from '../../reuse/apps/view-dashboards.md';
493
493
494
494
### Misconfigurations
495
495
496
-
The **Google Cloud - Security Command Center - Misconfigurations** dashboard provides you with a comprehensive view of misconfigurations across Google Cloud. It shows the total numner of misconfigurations by severity, category, project, and resource type, helping identify high-risk issues like over-privileged accounts or insecure Kubernetes settings. You can quickly identify high-risk issues like over-privileged accounts or insecure Kubernetes settings and pinpoint the most affected resources. The dashboard supports rapid investigation and proactive remediation, enhancing overall cloud security posture.
496
+
The **Google Cloud - Security Command Center - Misconfigurations** dashboard provides you with a comprehensive view of misconfigurations across Google Cloud. It shows the total number of misconfigurations by severity, category, project, and resource type, helping identify high-risk issues like over-privileged accounts or insecure Kubernetes settings. You can quickly identify high-risk issues like over-privileged accounts or insecure Kubernetes settings and pinpoint the most affected resources. The dashboard supports rapid investigation and proactive remediation, enhancing overall cloud security posture.
The **Google Cloud - Security Command Center - Threats** dashboard provides you real-time visibility into threats in the Google Cloud environments. It displays threat counts by severity and type, identifies affected projects and resources, and offers detailed findings for incident investigation. The dashboard aids in prioritizing responses, detecting suspicious activity early, and improving overall cloud threat detection and response.
502
+
The **Google Cloud - Security Command Center - Threats** dashboard provides you with real-time visibility into threats in the Google Cloud environments. It displays threat counts by severity and type, identifies affected projects and resources, and offers detailed findings for incident investigation. The dashboard aids in prioritizing responses, detecting suspicious activity early, and improving overall cloud threat detection and response.
The **Google Cloud - Security Command Center - Vulnerabilities** dashboard provides you insights into known vulnerabilities across cloud resources for effective risk assessment and remediation. The dashboard displays the total count of vulnerabilities detected, categorized by severity and type (e.g., GKE Security Bulletin, Software, OS), helping prioritize critical and high-severity issues. Analysts can drill into project-specific data and detailed findings like CVEs or SQL injection risks, making this dashboard key to reducing exposure and maintaining a secure cloud environment.
508
+
The **Google Cloud - Security Command Center - Vulnerabilities** dashboard provides you with insights into known vulnerabilities across cloud resources for effective risk assessment and remediation. The dashboard displays the total count of vulnerabilities detected, categorized by severity and type (e.g., GKE Security Bulletin, Software, OS), helping prioritize critical and high-severity issues. Analysts can drill into project-specific data and detailed findings like CVEs or SQL injection risks, making this dashboard key to reducing exposure and maintaining a secure cloud environment.
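Review bot: The Misconfigurations paragraph at line 496 still states "identify high-risk issues like over-privileged accounts or insecure Kubernetes settings" twice, once at the end of the second sentence and again at the start of the third; the typo fix leaves that duplication in place. Suggest dropping the first occurrence so the second sentence ends at "resource type" and the third carries the point once. In the Threats paragraph at line 502, "threats in the Google Cloud environments" would also read better as "threats in your Google Cloud environments".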
@@ -519,9 +519,9 @@ import CreateMonitors from '../../reuse/apps/create-monitors.md';
519
519
520
520
| Name | Description | Alert Condition | Trigger Type |
521
521
|:--|:--|:--|:--|
522
-
|`Critical Misconfigurations`| This alert is triggered when critical misconfiguration findings, such as insecure default settings or overly permissive roles are detected, indicating security vulnerabilities or compliance violations. It helps security analysts quickly identify and address high-risk configuration issues. | Count > 0 | Critical |
522
+
|`Critical Misconfigurations`| This alert is triggered when critical misconfiguration findings, such as insecure default settings or overly permissive roles, are detected, indicating security vulnerabilities or compliance violations. It helps security analysts quickly identify and address high-risk configuration issues. | Count > 0 | Critical |
523
523
|`Critical Threats`| This alert is triggered when critical threat detections are logged in the environment, indicating potential active attacks or malicious behavior. It serves as an early warning system for high-severity incidents requiring immediate investigation and response. | Count > 0 | Critical |
524
-
|`Critical Vulnerabilities`| This alert is triggered when critical vulnerabilities, such as unpatched software or exposed components, are detected that pose significant risk to cloud infrastructure. It allows analysts to prioritize remediation efforts on the most impactful security weaknesses. | Count > 0 | Critical |
524
+
|`Critical Vulnerabilities`| This alert is triggered when critical vulnerabilities, such as unpatched software or exposed components, are detected that pose a significant risk to cloud infrastructure. It allows analysts to prioritize remediation efforts on the most impactful security weaknesses. | Count > 0 | Critical |
525
525
526
526
## Upgrade/Downgrade the Google Cloud Security Command Center app (Optional)
527
527
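Review bot: In the `Critical Vulnerabilities` row at line 524, "are detected that pose a significant risk" still separates "that pose" from "vulnerabilities", so the sentence reads as if the detection poses the risk. Suggest "when critical vulnerabilities that pose a significant risk to cloud infrastructure, such as unpatched software or exposed components, are detected", matching the comma fix made in the `Critical Misconfigurations` row. Separately, all three rows give the alert condition only as "Count > 0" with no evaluation window; since these are Critical triggers, a short note on the time range each monitor evaluates would help readers tune them.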
@@ -533,4 +533,4 @@ import AppUpdate from '../../reuse/apps/app-update.md';
533
533
534
534
import AppUninstall from '../../reuse/apps/app-uninstall.md';