Get My Score

Google Cloud Platform (GCP)

auto-remediation

Cloud Security Command Center (Cloud SCC) Integration

Many of the most high-profile breaches from recent years have been caused by misconfigured servers and cloud services that left sensitive information exposed. Cavirin is focused on protecting your cloud, container and server resources in the Google Cloud Platform (GCP), AWS, Azure and on-premises environments. With our Summer 2018 release, customers can:

  • automatically discover 9 GCP cloud resource types including VPCs, subnets, Cloud Account (including Identity and Access Management (IAM)), Google Kubernetes Engine (GKE), Google Compute Engine (GCE), BigQuery, Cloud SQL and Cloud Key Management Service (KMS), and 22 operating systems
  • evaluate several thousand technical controls at the cloud, container and OS levels spanning configuration, compliance and vulnerability checks
  • compute a proprietary CyberPosture Score that helps you translate assessments into an easy-to-understand risk metric
  • prioritize remediation plans based on CyberPosture score improvement potential
  • auto-remediate, where possible, via Ansible and serverless approaches

Today, we are thrilled to preview our integration into GCP Cloud Security Command Center which aggregates vulnerabilities, threats and security findings from Cavirin and other GCP security ecosystem partners. With this integration, customers will benefit from the following improvements:

Unified Dashboard for SecOps teams:  Cavirin’s security, compliance and vulnerability findings will be presented in the Cloud SCC dashboard alongside findings from other security offerings that customers may have purchased.

 Cloud SCC dashboard

Findings Prioritized by CyberPosture Scores. Each finding presented in the Cloud SCC dashboard represents a single configuration, compliance or security issue for one instance of 9 resource types. Cavirin presents up to 500 findings prioritized by their CyberPosture Score improvement potential, which is proportional to the relative risk of any finding based on the underlying technical control, its weight, resource criticality and other factors in Cavirin’s proprietary CyberPosture Scoring methodology.

Cloud Security Command Center CyberPosture Score 

Actionable Finding Details. Each finding also presents additional details on the security or compliance control framework that generated the finding, the GCP identifier of the failed resource, CyberPosture Score improvement potential, remediation steps, and other details.

 cloud scc and gcp identifier

Comprehensive Security & Compliance Frameworks. Findings in Cloud SCC are powered by the following control frameworks that contribute over 80,000 technical controls. Several of these frameworks were led by Cavirin security experts:

  • CIS GCP Foundation Benchmark, co-authored by Cavirin
  • Cavirin GCP Network Policy Pack to protect against open TCP ports
  • Compliance frameworks: GDPR, HIPAA, PCI-DSS 3.2, ISO 27002:2013, AICPA SOC2, CJIS
  • Security frameworks: CIS (OS-level), DISA, CIS Google Chrome, NIST 800-171, NIST 800-53r4, NIST CSF, Cavirin Patches & Vulnerabilities
  • Container frameworks: Cavirin Image Hardening, Cavirin Patches & Vulnerabilities, CIS Docker CE, Container Linux, CIS Kubernetes

CyberPosture Intelligence for GCP. Cloud SCC customers are one click away from the Cavirin dashboard with a “credit-score”-like representation of security and compliance posture across GCP, AWS, Azure, containers, and on-premises infrastructure. The Cavirin CyberPosture score helps customers analyze trends and drill into scores by asset group, environment, policy pack, cloud service, operating systems, and individual resources to pinpoint risk and prioritize remediation plans.

cybersecurity posture score for Cloud SCC customers 

Making the magic work

Getting started with Cavirin and Cloud SCC is easy. Contact Cavirin to get you provisioned for Cloud SCC access.  Once you have that information, please browse and find the Cavirin Cloud SCC Companion in the Google Marketplace. This application establishes trust and connectivity between Cavirin and GCP to post security findings about your organization’s GCP resources into Cloud SCC. Follow the self-service provisioning wizard steps for Cavirin Cloud SCC Companion (found in the Marketplace documentation).

Cavirin Cloud SCC Companion in the Google Marketplace 

Next, provision the Cavirin CyberPosture managed VM app in the Google Marketplace.

Finally, connect Cavirin to GCP Cloud SCC using the integration steps within Cavirin.

More to Come!

In the coming months, we plan to further strengthen our GCP features by closing the loop from monitoring to risk scoring and auto-remediation by detecting new, deleted or changed resources via Google StackDriver Monitoring, scoring changes and allowing users to remediate via pre-built Google Functions.

Next Steps

 

0
0
0
s2sdefault

© 2018 Cavirin Systems, Inc. All rights reserved.