Qualys has announced its integration with the Cloud Security Command Center (Cloud SCC) for Google Cloud Platform (GCP). This is a security and data risk platform helping enterprises to gather data, identify threats, and act on them before they result in business damage or loss.
Cloud SCC provides security teams a single pane for security features, policies, and insights across Google Cloud platform. Qualys’ integration expands on existing data within Cloud SCC by adding vulnerability management and threat data for compute engine instances within a GCP project.
This new capability builds on Qualys’ prior GCP integration to give customers visibility of Qualys data within Cloud SCC and allow DevOps and security teams to protect their workloads by gaining full visibility of vulnerability and threat posture at-a-glance. Users can further drill down to find details and actionable intelligence for every identified vulnerability, and can navigate with a single click back to their Qualys subscription for additional reports and threat intelligence.
Customers can gain access to Qualys-generated vulnerability and threat posture data within Cloud SCC by deploying Qualys’ lightweight Cloud Agents on workload images. This step will either bake the agent within the image or automatically deploy the agent in the compute engine instance.
“As businesses leverage new technologies to accelerate their digital transformation efforts and move into the cloud, their focus needs to shift towards building security into applications, as well as interconnected devices, right from the start. And this is what Google is doing with their Cloud Platform, helping businesses build security into the fabric of their workloads,” said Philippe Courtot, chairman and CEO, Qualys.
“Now more than ever, the cloud is where an increasing number of enterprises are turning to protect their data and stay secure,” said Andy Chang, Senior Product Manager, Google Cloud. “With Cloud Security Command Center, we are helping security teams gather data, identify threats, and quickly act on application and data risks. By working with industry leaders like Qualys, we are giving our customers the capabilities they need to keep up with today’s ever evolving security challenges especially as they move workloads to the cloud.”
Key features of the new Cloud SCC include:
- Asset Discovery and Inventory: Discover assets across Google App Engine, Google Compute Engine, Google Cloud Storage, and Cloud Datastore and view them in one place. Review historical discovery scans to identify new, modified, or deleted assets.
- Sensitive Data Identification: Find out which storage buckets contain sensitive and regulated data using the Cloud Data Loss Prevention (DLP) API. Help prevent unintended exposure and ensure access is based on need-to-know. The DLP API integrates automatically with Cloud SCC.
- Application Vulnerability Detection: Uncover common vulnerabilities such as cross-site-scripting (XSS), Flash injection, mixed content (HTTP in HTTPS), and outdated/insecure libraries that put Google App Engine applications at risk with Cloud Security Scanner. Cloud Security Scanner integrates automatically with Cloud SCC.
- Access Control Monitoring: Help ensure the appropriate access control policies are in place across cloud resources and get alerted when policies are misconfigured or unexpectedly change.
- Threat Intelligence from Google: Identify threats like botnets, cryptocurrency mining, anomalous reboots and suspicious network traffic with built-in machine learning technology developed by the Google.
- Third-party security tool inputs: Integrate output from existing security tools into Cloud Security Command Center to detect DDoS attacks, compromised endpoints, compliance policy violations and network attacks.
- Real-time Notifications: Receive Cloud SCC alerts via Gmail, SMS and Jira with Pub/Sub notification integration.
- REST API: Leverage the Cloud SCC REST API for easy integration with existing security systems and workflows.