About andras

andras · 05-17-2024

Today's enterprises rarely rely on a single cloud provider. Hybrid and multi-cloud strategies have become the norm, offering flexibility and avoiding vendor lock-in. However, this diversity can make security management complex. Google Cloud's multi-c...

andras · 05-02-2024

Embarking on your cloud journey with Google Cloud Platform? Congratulations! The power and scalability of GCP are at your fingertips. But amidst the excitement, we understand the paramount importance of securing your cloud environment. That's where G...

andras · 04-23-2024

Let's face it, Security Command Center (SCC) is a goldmine of security data. But sometimes, those shiny nuggets of insight need a bit of refining before they reveal their true value. That's where BigQuery comes in, transforming your SCC data into a p...

andras · 04-19-2024

Google Cloud is taking a massive leap forward in cloud security by integrating Mandiant's Attack Surface Management (ASM) capabilities into the Enterprise Tier of its Security Command Center (SCC). Let's explore what this means for anyone seeking to ...

andras · 04-17-2024

Security Command Center Premium helps you strengthen your security posture by evaluating your security and data attack surface; providing asset inventory and discovery; identifying misconfigurations, vulnerabilities, and threats; and helping you miti...

andras

SCC does have a feature which can possibly cover some but possibly not the 100% of this use case. Virtual Machine Threat Detection, a built-in service of Security Command Center Premium and Enterprise, provides threat detection through hypervisor-lev...

andras

Yes they are two different products but as you mentioned they can work together (and in some features of SCC Enterprise Tier they do, out of the box). SecOps is a SIEM and SOAR platform designed to retain, analyze, and search the large amounts of sec...

andras

SCC Premium Findings would only be available on Project B if SCC Premium is enabled on that project or if it'e enabled Org wide. There are some more info on the activation of different tiers here and some of the limitations on Project vs Org activati...

andras

I was having a look through the notes on this topic and trying to narrow down where the issue maybe. Can you see the Vulnerabilities for the instance under the VM instance details? Can you see the Vulnerability when looking for Vulnerabilities in you...

andras

For Premium tier detections (VM and Container Threat Detection, Event Threat Detection, etc) to be available for streaming to BQ you would need Premium/Enterprise enabled and setup. If they are not enabled the relevant Findings will not be created. F...

My Stats

andras's Bio

Badges andras Earned

Recent Activity

AWS threat and vulnerability detection in SCCE

Mastering Google Cloud Security Command Center Premium - Success Kit

SCC as a Data Lake: Leveraging BigQuery for Advanced Security Analytics

Mandiant Attack Surface Management + Google Security Command Center Enterprise

Security Command Center Premium - Journey Overview

Re: SCC detection of commands on OS level

Re: SCC vs Google SecOps (aka former Chronicle + Chronicle SOAR). What is the difference?

Re: Using the SCC APIs to build a lightweight version of SCC product

Re: Top CVE findings on your virtual machines

Re: Using the SCC APIs to build a lightweight version of SCC product