Get My Score

Google Cloud Platform (GCP)

google cloud security

Google Cloud Security Command Center and Multi-Cloud Lead the Way

 

Google Cloud Security Command Center

Last week, as part of a very successful and over-subscribed Google Next, we participated in the general availability announcement of Google’s Cloud Security Command Center (Cloud SCC). Cloud SCC is an intuitive, intelligent risk dashboard and analytics system for surfacing, understanding, and remediating Google Cloud Platform (GCP) security and data risks across an organization. The Cloud SCC Dashboard serves as a launching point for Cavirin’s CyberPosture Intelligence platform which includes assessment, monitoring, scoring, and remediation. Our deep integration with the Google Cloud Platform provides you visibility and manageability for Google Cloud Platform and hybrid cloud deployments, including multi-cloud deployments.


Google Multi-Cloud 

Speaking of hybrid and multi-cloud deployments--Cavirin's sweet spot--we provide overall visibility, securing both workloads and cloud services, across any infrastructure, anywhere.  Google’s focus on security across not only its own cloud but across the hybrid/multi-cloud in general, matches very well with Cavirin’s vision.  Google’s deep commitment to multi-cloud deployments, unique amongst the three major providers, was announced with its Anthos open management architecture on April 9th.  From Google:

“…..this is really the stack for the next 20 years, meaning that it’s not really about the three different clouds that are all randomly different in small ways. This is the way that makes these three clouds — and actually on-premise environments, too — look the same.”

Google’s new strategy is to encourage and protect multi-cloud deployments, a direction aligned with almost ¾ of organizations. Customers require a security solution that spans this hybrid infrastructure, looking at both workloads as well as any cloud services consumed.  So you can see why I'm pretty stoked that the Cavirin solution, announced back in April 2018, aligns with the Google Cloud Platform strategy.  Google’s native security tools are complementary to what Cavirin offers with continuous compliance and automation, visibility, and consistency, major concerns identified by organizations moving to or planning to move to the cloud.

 

Primary Cloud Deployment Strategy

(Source:  2019 Cybersecurity Insiders Cloud Security Survey)

 

How Cavirin Fits Into Your Cloud Picture

The Cavirin solution leverages the broadest set of benchmarks, frameworks, and regulations, to continually assess the compliance and security score of workloads, both on-prem and across the hybrid/multi-cloud, immediately informing the operator of any security drift and recommending remediation. In some cases, the solution is able to carry out automated remediation via Ansible Playbooks, closing the loop from monitoring to change management. Scoring accuracy is improved by leveraging machine learning to better map and weight technical controls.

The same approach applies to cloud services, wherein the case of Google Cloud, the system continually monitors the various cloud services via StackDriver, identifying potentials for breach, and then triggering auto-remediation via Google Functions. This, along with Cavirin’s workload remediation, is the essence of closed-loop security for the hybrid cloud. In parallel, the system forwards all security observations to the Google Cloud SCC, where, in combination with other Google Cloud security services, the operator is presented with a unified and actionable view of his or her security posture.

Where the organization has implemented a true hybrid or multi-cloud architecture, Cavirin presents security findings from across the multiple clouds via the CyberPosture Dashboard, a simple-to-interpret view that correlates security and compliance and offers prioritized guidance.

So, check out Cavirin’s closed-loop security for Google Cloud and our SCC integration on the Google Cloud Marketplace.

0
0
0
s2sdefault
security command center

Come See us at Google Cloud Next ’19 – Booth S1409

Many of the most high-profile breaches from recent years have been caused by misconfigured servers and cloud services that left sensitive information exposed. Cavirin is focused on protecting your cloud, container and server resources in the Google Cloud Platform (GCP) and hybrid environments. At Google Cloud Next ’19 we will be demonstrating how customers can:

  • Automatically discover 9 GCP cloud resource types including VPCs, subnets, Cloud Account (including Identity and Access Management (IAM)), Google Kubernetes Engine (GKE), Google Compute Engine (GCE), BigQuery, Cloud SQL and Cloud Key Management Service (KMS), and 22 operating systems
  • Evaluate several thousand technical controls at the cloud, container and OS levels spanning configuration, compliance and vulnerability checks
  • Compute a proprietary CyberPosture Score that helps you translate assessments into an easy-to-understand risk metric
  • Prioritize remediation plans based on CyberPosture score improvement potential
  • Auto-remediate, where possible, via Ansible and serverless (e.g. Google Functions) approaches

These features work in tandem to close the gap between proactive and reactive security in what Cavirin calls Closed Loop Security. With Closed Loop Security organizations can detect new, deleted or changed resources via Google StackDriver Monitoring, risk-score infrastructure changes to prioritize remediation plans and automate remediation via pre-built Google Functions.

Today, Google announced the general availability of Cloud Security Command Center in which we are thrilled to be one of its integration partners which helps security teams prevent, detect, and respond to threats from a single pane of glass. With our integration, customers will benefit from the following improvements:

Unified Dashboard for DevSecOps teams - Cavirin’s security, compliance and vulnerability findings will be presented in the Cloud SCC dashboard alongside findings from other security offerings that customers may have purchased.

 gcp cloud security command center

 

Findings Prioritized by CyberPosture Scores. Each finding presented in the Cloud SCC dashboard represents a single configuration, compliance or security issue for one instance of 9 resource types. Cavirin presents up to 500 findings prioritized by their CyberPosture Score improvement potential, which is proportional to the relative risk of any finding based on the underlying technical control, its weight, resource criticality and other factors in Cavirin’s proprietary CyberPosture Scoring methodology.

security command center gcp 

 

Actionable Finding Details - Each finding also presents additional details on the security or compliance control framework that generated the finding, the GCP identifier of the failed resource, CyberPosture Score improvement potential, remediation steps, and other details.

 google cloud security center

Comprehensive Security & Compliance Frameworks - Findings in Cloud SCC are powered by the following control frameworks that contribute over 80,000 technical controls. Several of these frameworks were led by Cavirin security experts:

  • CIS GCP Foundation Benchmark, co-authored by Cavirin
  • Cavirin GCP Network Policy Pack to protect against open TCP ports
  • Compliance frameworks: GDPR, HIPAA, PCI-DSS 3.2, ISO 27002:2013, AICPA SOC2, CJIS
  • Security frameworks: CIS (OS-level), DISA, CIS Google Chrome, NIST 800-171, NIST 800-53r4, NIST CSF, Cavirin Patches & Vulnerabilities
  • Container frameworks: Cavirin Image Hardening, Cavirin Patches & Vulnerabilities, CIS Docker CE, Container Linux, CIS Kubernetes

CyberPosture Intelligence for GCP - Cloud SCC customers are one click away from the Cavirin dashboard with a “credit-score”-like representation of security and compliance posture across GCP, AWS, Azure, containers, and on-premises infrastructure. The Cavirin CyberPosture score helps customers analyze trends and drill into scores by asset group, environment, policy pack, cloud service, operating systems, and individual resources to pinpoint risk and prioritize remediation plans.

cloud security command center 

Making the magic work - Getting started with Cavirin and Cloud SCC is easy. Contact Cavirin to get you provisioned for Cloud SCC access. Once you have that information, please browse and find the Cavirin Cloud SCC Companion in the Google Marketplace. This application establishes trust and connectivity between Cavirin and GCP to post security findings about your organization’s GCP resources into Cloud SCC. Follow the self-service provisioning wizard steps for Cavirin Cloud SCC Companion (found in the Marketplace documentation).

gcp security command center 

Next, provision the Cavirin CyberPosture managed VM app in the Google Marketplace.

Finally, connect Cavirin to GCP Cloud SCC using the integration steps within Cavirin.

Next Steps

 

0
0
0
s2sdefault

© 2019 Cavirin Systems, Inc. All rights reserved.