The Sumo Logic App for Google Cloud Security Command Center (SCC) provides real-time visibility into cloud risks, including misconfigurations, threats, and vulnerabilities in Google Cloud environments. It features dashboards that highlight high-priority security findings, such as privileged account issues, API misuse, software vulnerabilities, severity breakdowns, resource and project-level filtering, and detailed summaries to streamline triage and remediation workflows. This enables you to monitor, investigate, and respond effectively to improve cloud security, reduce risk, and maintain compliance.
12
+
The Sumo Logic app for Google Cloud Security Command Center (SCC) provides real-time visibility into cloud risks, including misconfigurations, threats, and vulnerabilities in Google Cloud environments. It features pre-configured dashboards that highlight high-priority security findings, such as privileged account issues, API misuse, software vulnerabilities, severity breakdowns, resource and project-level filtering, and detailed summaries to streamline triage and remediation workflows. This enables you to monitor, investigate, and respond effectively to improve cloud security, reduce risk, and maintain compliance.
13
13
14
14
:::info
15
-
This app includes [built-in monitors](#google-cloud-security-command-center-alerts). For details on creating custom monitors, refer to [Create monitors for Google Cloud Security Command Center app](#create-monitors-for-google-cloud-security-command-center-app).
15
+
This app includes [built-in monitors](#google-cloud-security-command-center-alerts). For details on creating custom monitors, refer to the [Create monitors for Google Cloud Security Command Center app](#create-monitors-for-google-cloud-security-command-center-app).
16
16
:::
17
17
18
18
## Log types
19
19
20
-
This App uses [Findings](https://cloud.google.com/security-command-center/docs/finding-classes) generated by [Security Command Center](https://cloud.google.com/security-command-center/docs/security-command-center-overview).
20
+
This app uses the [Findings](https://cloud.google.com/security-command-center/docs/finding-classes) generated by [Security Command Center](https://cloud.google.com/security-command-center/docs/security-command-center-overview) (SCC).
21
21
22
22
### Sample log message
23
23
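Review bot: On new line 15, the added "the" leaves "refer to the [Create monitors for Google Cloud Security Command Center app]" without a noun after the link text; either drop "the" or follow the link with "section". On new line 20, "(SCC)" is appended even though the abbreviation is already introduced in the opening paragraph on line 12, so it can be dropped there.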
@@ -467,19 +467,20 @@ This section describes the Sumo Logic pipeline for collecting the data from Goog
467
467
468
468
Follow the steps below to integrate the Google Cloud Security Command Center (SCC) app:
469
469
470
-
1.[Enable Security Command Center](https://cloud.google.com/security-command-center/docs/activate-scc-overview) (SCC) at the GCP console.
470
+
1. Enable the [Security Command Center (SCC)](https://cloud.google.com/security-command-center/docs/activate-scc-overview) at the GCP console.
471
471
1. In Sumo Logic, [configure the Google Cloud Platform source](https://help.sumologic.com/docs/send-data/hosted-collectors/google-source/google-cloud-platform-source/#configure-agoogle-cloud-platform-source).
472
-
1. In the GCP console, configure a Pub/Sub Topic for [GCP](https://help.sumologic.com/docs/send-data/hosted-collectors/google-source/google-cloud-platform-source/#configure-a-pubsub-topicfor-gcp). This Topic will be used to send SCC findings from GCP to Sumo Logic
472
+
1. In the GCP console, configure a Pub/Sub Topic for [GCP](https://help.sumologic.com/docs/send-data/hosted-collectors/google-source/google-cloud-platform-source/#configure-a-pubsub-topicfor-gcp). This topic will be used to send SCC findings from GCP to Sumo Logic.
473
473
1. In the SCC blade of the GCP console, click **Continuous Exports**. <br/><img src={useBaseUrl('https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/Google+Cloud+-+Security+Command+Center/step4.png')} alt="Google Cloud Storage dashboards" width="500" />
474
474
1. In the GCP console, export the findings from SCC to the [Pub/Sub Topic](https://cloud.google.com/security-command-center/docs/how-to-export-data?_gl=1*1dt4zsw*_ga*ODU1MTc4OTQ1LjE3Mzg3ODM5NzI.*_ga_WH2QY8WWF5*czE3NDY2Mzc3MzQkbzMkZzEkdDE3NDY2MzgxNDUkajYwJGwwJGgw#configure-pubsub-exports) created above.
475
475
476
476
### Testing the integration
477
477
478
478
1. Refer to this [link](https://cloud.google.com/security-command-center/docs/how-to-export-data?_gl=1*1nrezew*_ga*ODU1MTc4OTQ1LjE3Mzg3ODM5NzI.*_ga_WH2QY8WWF5*czE3NDY3MjYwNjEkbzUkZzEkdDE3NDY3MjY2OTQkajMzJGwwJGgw#test_continuous_exports) to test the continuous exports created above. <br/><img src={useBaseUrl('https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/Google+Cloud+-+Security+Command+Center/test.png')} alt="Google Cloud Storage dashboards" />
479
-
1. Live Tail at Sumo Logic to see the findings from SCC.
479
+
1.*Live Tail* at Sumo Logic to see the findings from SCC.
480
480
481
481
## Installing the Google Cloud Security Command Center app
482
-
Now that you have set up the collection for Google Cloud Security Command Center (SCC), install the Sumo Logic App to use the pre-configured searches and dashboards that provide visibility into your environment for real-time analysis of overall usage.
482
+
483
+
Now that you have set up the collection for Google Cloud Security Command Center (SCC), install the Sumo Logic app to use the pre-configured searches and dashboards that provide visibility into your environment for real-time analysis of overall usage.
483
484
484
485
import AppInstall2 from '../../reuse/apps/app-install-v2.md';
485
486
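Review bot: New line 479 reads `1.*Live Tail* at Sumo Logic` with no space after `1.`, so Markdown will not render it as a list item; this is the same defect the change fixes on line 470, where `1.[Enable` became `1. Enable`. Restore the space, and consider bold rather than italics for the UI name so it matches **Continuous Exports** on line 473. The changed line 472 also keeps the link anchor `#configure-a-pubsub-topicfor-gcp`, which is worth checking against the target page's heading since a hyphen appears to be missing.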
@@ -495,19 +496,19 @@ import ViewDashboards from '../../reuse/apps/view-dashboards.md';
495
496
496
497
The **Google Cloud - Security Command Center - Misconfigurations** dashboard provides you with a comprehensive view of misconfigurations across Google Cloud. It shows the total number of misconfigurations by severity, category, project, and resource type, helping identify high-risk issues like over-privileged accounts or insecure Kubernetes settings. You can quickly identify high-risk issues like over-privileged accounts or insecure Kubernetes settings and pinpoint the most affected resources. The dashboard supports rapid investigation and proactive remediation, enhancing overall cloud security posture.
The **Google Cloud - Security Command Center - Threats** dashboard provides you with real-time visibility into threats in the Google Cloud environments. It displays threat counts by severity and type, identifies affected projects and resources, and offers detailed findings for incident investigation. The dashboard aids in prioritizing responses, detecting suspicious activity early, and improving overall cloud threat detection and response.
The **Google Cloud - Security Command Center - Vulnerabilities** dashboard provides you with insights into known vulnerabilities across cloud resources for effective risk assessment and remediation. The dashboard displays the total count of vulnerabilities detected, categorized by severity and type (e.g., GKE Security Bulletin, Software, OS), helping prioritize critical and high-severity issues. Analysts can drill into project-specific data and detailed findings like CVEs or SQL injection risks, making this dashboard key to reducing exposure and maintaining a secure cloud environment.
509
+
The **Google Cloud - Security Command Center - Vulnerabilities** dashboard provides you with insights into known vulnerabilities across cloud resources for effective risk assessment and remediation. The dashboard displays the total count of vulnerabilities detected, categorized by severity and type (for example, GKE Security Bulletin, Software, OS), helping prioritize critical and high-severity issues. Analysts can drill into project-specific data and detailed findings like CVEs or SQL injection risks, making this dashboard key to reducing exposure and maintaining a secure cloud environment.
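Review bot: On new line 509 the paragraph still switches from "provides you with" to "Analysts can drill into", mixing second and third person; "You can drill into" would match the other dashboard descriptions. In the unchanged Misconfigurations paragraph above, "high-risk issues like over-privileged accounts or insecure Kubernetes settings" appears in two consecutive sentences, and one occurrence can be cut while this section is being edited.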