The Risk section in the Google Cloud console helps you to manage the highest profile risks in your cloud environment.
The Overview page serves as your first contact security dashboard, highlighting the highest priority risks in your cloud environments. You can view multiple domains in Overview by selecting one of the following views:
If Security Command Center was recently activated, it might take time for data to appear. For information about the scan frequency of Security Command Center services, see When to expect findings in Security Command Center.
All risk dashboard
The All risk dashboard surfaces the following high-priority security risks across your cloud environments:
Standard-legacy
- Misconfigurations by date: shows the number of misconfiguration findings over time.
- Top misconfigurations: summarizes the misconfiguration findings by resource type, category, and project (when viewing data for an organization).
- Critical CVEs: summarizes the CVEs in vulnerability findings identified as having critical impact.
Standard
- Misconfigurations by date: shows the number of misconfiguration findings over time.
- Top misconfigurations: summarizes the misconfiguration findings by resource type, category, and project (when viewing data for an organization).
- Critical CVEs: summarizes the CVEs in vulnerability findings identified as having critical impact.
- Compliance: summarizes the passing cloud controls in applied Compliance Manager frameworks and the number of active findings.
The Misconfigurations by date and Top misconfigurations panels include data about Security Health Analytics findings that don't have the launch_state="LAUNCH_STATE_DEPRECATED" field-value identifier.
Premium and Enterprise
- Riskiest issues shows at-a-glance information for your top issues, including simplified attack paths, evidence diagrams, or threat findings that are combined together as Correlated Threats (Preview). This panel isn't available with project-level activations.
- Recent Google Cloud threats that are active in your cloud environments.
- High-impact, exploitable vulnerabilities, prioritized by the resources impacted by them.
- Compliance summarizes the passing compliance frameworks and the number of active findings. The data source for this panel is either Security Health Analytics or Compliance Manager.
If your organization was activated or migrated to the Standard tier, and then you upgraded to the Premium tier or Enterprise tier, the Compliance panel shows industry benchmarks that Security Command Center supports using Compliance Manager frameworks.
Otherwise, the Compliance panel shows industry benchmarks that Security Command Center supports using Security Health Analytics. You can view both Compliance Manager frameworks and Security Health Analytics frameworks on the Compliance page.
In most cases, you can interact with individual high-priority risks for a brief summary, continue on to a more detailed view of each risk, or view all risks of a specific type.
Vulnerabilities dashboard
The Vulnerabilities dashboard gives insights into virtual machines and containers with exploitable vulnerabilities across your cloud environments. The dashboard displays the following information:
- Top common vulnerabilities and exploits. Displays a clickable quadrant heatmap to help you filter vulnerabilities by exploitability and impact (risk rating). The number of unique resources that are affected and the findings related to those resources are shown in a table after the heatmap. Each unique resource might have more than one finding. You can click a heatmap cell again to reset the heatmap.
- Most common critical exploitable vulnerabilities. A list of highly exploitable vulnerabilities found in your cloud environments, prioritized by the total number of unique resources impacted by them.
Vulnerability findings are grouped in an interactive chart by the exploitability and impact of the corresponding CVE, as assessed by Mandiant. Click a block in the chart to see a list of vulnerabilities by CVE ID that have been detected in your environment.
Expand a CVE section to view its descriptions, which are findings related to the CVE and the resources they affect. Because different findings can affect the same resource, the sum of all resource counts in the expanded description might be greater than the unique resource count in the heading row.
- Containers with exploitable vulnerabilities. A list of containers with exploitable vulnerabilities, where the vulnerability exploitation activity rating is available, confirmed, or wide and the risk rating is critical, based on the assessment of Google Threat Intelligence. The list is ordered by attack exposure score, then by largest number of impacted resources.
- Latest compute vulnerabilities with known exploits. A list of Compute Engine virtual machine instances that have exploitable vulnerabilities with findings that belong to the OS_VULNERABILITY or SOFTWARE_VULNERABILITY category. From here, you can check the following:
- The attack exposure score of the exploit. Click the score to view the attack paths to your exposed high-value resources.
- How many configured high-value resources have been exposed due to the vulnerability that have a priority of HIGH, MEDIUM, or LOW.
- The Exploit release date, which is when the vulnerability was announced.
- The First available date, which is when an exploit was first observed.
- The level of exploitability of the vulnerability.
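The counting behavior described for the heatmap and the expanded CVE sections, as an added example that is not part of the original page and not Google's code: it groups constructed finding records into exploitability and impact cells, then shows why per-description resource counts can add up to more than a CVE's unique resource count. The record keys, CVE labels, and resource names are assumptions made for illustration, not the Security Command Center finding schema.

```python
from collections import defaultdict

# Constructed sample records. The keys are simplified assumptions for this
# example, not the Security Command Center finding schema.
FINDINGS = [
    {"cve": "CVE-SAMPLE-1", "description": "OS package finding",
     "resource": "vm-a", "exploitability": "WIDE", "impact": "CRITICAL"},
    {"cve": "CVE-SAMPLE-1", "description": "OS package finding",
     "resource": "vm-b", "exploitability": "WIDE", "impact": "CRITICAL"},
    {"cve": "CVE-SAMPLE-1", "description": "Application library finding",
     "resource": "vm-a", "exploitability": "WIDE", "impact": "CRITICAL"},
    {"cve": "CVE-SAMPLE-2", "description": "OS package finding",
     "resource": "vm-c", "exploitability": "AVAILABLE", "impact": "HIGH"},
]


def heatmap_cells(findings):
    """Count findings and unique resources per (exploitability, impact) cell."""
    cells = defaultdict(lambda: {"findings": 0, "resources": set()})
    for f in findings:
        cell = cells[(f["exploitability"], f["impact"])]
        cell["findings"] += 1
        cell["resources"].add(f["resource"])  # a resource can hold several findings
    return {k: (v["findings"], len(v["resources"])) for k, v in cells.items()}


def cve_rollup(findings):
    """Per CVE: unique resource count (heading row) and per-description counts."""
    per_desc = defaultdict(lambda: defaultdict(set))
    for f in findings:
        per_desc[f["cve"]][f["description"]].add(f["resource"])
    rows = []
    for cve, descs in per_desc.items():
        unique = set().union(*descs.values())
        rows.append({
            "cve": cve,
            "unique_resources": len(unique),
            "description_counts": {d: len(r) for d, r in descs.items()},
        })
    # Prioritize by the number of unique resources impacted, largest first.
    rows.sort(key=lambda r: (-r["unique_resources"], r["cve"]))
    return rows


if __name__ == "__main__":
    for row in cve_rollup(FINDINGS):
        total = sum(row["description_counts"].values())
        print(row["cve"], "unique:", row["unique_resources"], "sum:", total)
```
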
Data dashboard
The Data dashboard in the Google Cloud console lets you see how your organization's data aligns with your data security and compliance requirements. For more information, see Data Security Posture Management overview.
The dashboard displays the following information:
Standard
- Data security compliance summarizes the failing data cloud controls, the number of data security findings, and the top data security findings.
- Learn about data security provides a video and links to more information about how to protect your digital information from unauthorized access, use, disclosure, alteration, or destruction.
- Data Map Explorer shows the geographic locations where your data is stored and lets you filter information about your data by geographic location, how sensitive the data is, the associated project, and which Google Cloud services store the data. The circles on the data map represent the relative count of data resources and data resources with alerts in the region.
- Resources table summarizes findings by resource and includes the display name, resource type, location, number of findings, and project ID that the resource belongs to.
Premium and Enterprise
- Top data security findings lists the number of findings by finding category and severity.
- Top data frameworks with open findings lists frameworks with the most findings.
- Data Map Explorer shows the geographic locations where your data is stored and lets you filter information about your data by geographic location.
- Resources table summarizes findings by resource and includes the display name, resource type, location, number of findings, and project ID that the resource belongs to.
- Quick Filters panel lets you filter data in the Resources table.
Code dashboard
The Code dashboard shows code vulnerabilities in your cloud environments found by Snyk. To use it, you need to set up the Snyk integration.
You can also view code vulnerabilities in the Google Cloud console.
AI Security dashboard
The AI Security dashboard provides a high-level view of your AI security posture.
The dashboard displays the following sections:
- AI Inventory: Access an overview of the following:
- The count of discovered AI agents that are deployed to Vertex AI Agent Engine Runtime. Each listed agent has a detailed view page.
- The AI models that are used (including foundational models and custom-built models).
- The datasets that are used in training or fine-tuning the AI models. If Sensitive Data Protection is enabled, the dashboard shows whether datasets contain sensitive data.
- The endpoints where your AI models are hosted.
- Riskiest AI Issues: View top risks in your AI inventory, prioritized by the highest attack exposure scores. Click any issue to see details.
- Recent AI Threats: Get a summary of recent threat findings.
- Findings: Assess and manage findings generated by AI security and data security policies. This widget breaks up findings into two categories:
- AI Vulnerabilities & misconfigurations: See any vulnerabilities and misconfigurations in findings across your AI workloads.
- AI Framework: Google Recommended AI Essentials - Vertex AI: View the percentage of adherence to Google recommended AI security best practices, including controls that help improve the AI workloads security posture. For feature availability and data residency implications, see Supported features and launch stages.
- Sensitive data in Vertex AI datasets: Assess and manage findings for sensitive data in Vertex AI datasets.
- Gemini models secured with Model Armor: View Gemini models that are protected and unprotected by Model Armor floor settings.
- Violations: See detections by Model Armor across any model that is protected by Model Armor templates and floor settings. An interaction is a single request that is analyzed by Model Armor and one interaction can have multiple violations.
For more information about Security Command Center Premium tier limitations for AI Protection, see Limitations.
Identity dashboard
The Identity dashboard shows misconfiguration findings related to principal accounts (identities) that are misconfigured or are granted excessive or sensitive permissions.
Threats dashboard
The Threats dashboard helps you review potentially harmful events in your Google Cloud resources in the past seven days. You can view findings in the following panels:
- New threats over time shows potentially harmful events in your resources over a time period that you specify. The default time period is seven days. Specify the time period to display threats for by using the Time range field.
- Top Threats panel shows the following:
- Threats by severity shows the number of threats in each severity level.
- Threats by category shows the number of findings in each category across all projects.
- Threats by project panel shows the number of findings for each project in your organization.

