
Security Command Center Enterprise: Step 2.1 - Visualization | Risk Overview

  • December 27, 2024

Digital-Customer-Excellence
Staff


The Security Command Center Enterprise overview dashboard can be used to find the most severely rated findings in your organization so that you can prioritize fixes.

 

Actions

Threat

The Risk Overview dashboard highlights the most critical security findings to help you prioritize threats effectively.

 

 


Steps
  1. In the Risk Overview section, users will see a dashboard of the most severely rated findings in their organization, so they can prioritize fixes.
  2. There, users will see the Threat Cases widget, which provides a visualization to Triage and Investigate the latest threats with cases.
  3. Users will see a graph with a count of Total Cases, and a Priority Rating Scale, listing Cases as:
    1. Critical
    2. High
    3. Medium
    4. Low
    5. Info
  4. Each Priority Rating shows the number of Cases associated with it, and users can select a rating to view the Cases List in the Google SecOps’ Cases feature.
  5. The Cases feature will be covered further in the Google SecOps Cases section of the Onboarding Journey.
  6. Users can click the View All Threat Cases link at the bottom-right of the Widget, to View All Threat Cases in Google SecOps, which will show the Cases. If users just click each grouping of Cases by Priority in the Widget, users will see a list of Cases by Name and ID number.
  7. This view gives users an overview of all cases and their associated Assignee.
  8. In the Threat Findings Widget users can see the list of High Risk Threats by finding Severity in a Graph. This will also list Cases by:
    1. Resource Type
    2. Category
    3. Project
  9. Users can click the View All Alerts link at the bottom-right of the Widget, to View All Alerts in Google SecOps to view the Threat Findings Alerts List in the Google SecOps Alerts & IOCs feature.
  10. The Alerts feature will be covered further in the Google SecOps Detection section of the Onboarding Journey.

 

 
Vulnerability

The Vulnerability Cases widget provides key insights into your organization's most critical vulnerabilities, helping you prioritize fixes and track high-risk areas.

 

 


Steps
  1. The Vulnerability Cases widget provides visualization to Triage and Track an organization’s riskiest Vulnerabilities with Cases.
  2. Users will see a graph with a count of Total Cases, and a Priority Rating Scale, listing Cases as:
    1. Critical
    2. High
    3. Medium
    4. Low
    5. Info
  3. Each Rating Scale will have the number of Cases associated with each Priority Rating Scale, where users can view the Vulnerabilities List in the Google SCCE Cloud Platform’s Vulnerabilities by Case list by selecting Cases by Priority or by selecting View All Vulnerabilities by Case. This page will include Vulnerabilities Findings query results.
  4. Users can click the View All Vulnerability Cases link at the bottom-right of the Widget, to View All Vulnerability Cases in the Cases List in the Google SecOps’ Cases feature.
  5. The Cases feature will be covered further in the Google SecOps Detection section of the Onboarding Journey.
  6. In the Active Vulnerability Findings Widget, users will be able to visualize their highest risk Vulnerabilities by finding resource type.
  7. This view will provide a graph listing Vulnerabilities by:
    1. Findings by Attack Exposure Score
    2. Findings by Resource Type
  8. Below the graph is a list of Vulnerability Findings with an Attack Exposure Score. This list will display the:
    1. Category
    2. Attack Exposure Score
    3. Resource Path
    4. Case ID
    5. Resource
  9. Users can click the View All Findings with Attack Exposure link at the bottom-right of the Widget, to View All Findings with Attack Exposure in the Findings list of the Google SCCE Cloud Platform’s Findings feature. This page will include Vulnerabilities Findings Query Results.
  10. In the Top CVE Findings of your Virtual Machines, users can prioritize their highest risk CVEs by Impact and Exploitability.
  11. Users can click the View All CVE Findings link at the bottom-right of the Widget, to View CVE Findings in the Findings list of the Google SCCE Cloud Platform’s Risk Overview > Findings by CVE feature. This page will include Findings by CVE ID list, with an option to view in the Findings feature.

 

 
Identity and Access

The Identity and Access widget highlights high-severity findings related to identity and access, enabling you to detect and mitigate security risks associated with permissions and controls.

 

 


Steps
  1. The Identity and Access Findings widget provides visualization of the Top Severity Identity and Access Findings by category.
  2. Users will see a list of Top Severity Identity and Access Findings. This list will display by:
    1. Severity
    2. Finding Category
    3. Cloud Provider
    4. Total Findings
  3. Users can click the View All Identity and Access Findings link at the bottom of the Widget, to View All Identity and Access Findings in the Findings list of the Google SCCE Cloud Platform’s Findings feature. This page will include Identity and Access Findings Query Results.
  4. Users will see a Review Access with Policy Analyzer for Google Cloud link at the bottom-right of the Widget. Clicking it brings users to the Policy Analyzer feature of the Google Cloud Console’s IAM & Admin page.
  5. The Policy Analyzer helps you answer "Who has access to a resource and what can they do?" It examines the user’s IAM Policy Settings, and then shows them how they affect each principal and resource.
  6. Users will create a Query in each section, based on the question template they have, by selecting:
    1. Create Query
    2. Create Custom Query
  7. After users configure their Query, users will select Analyze.

 

 
AI Workload

AI Workload Findings allow users to review violations to secure AI policies, drift from intended AI policies, and security issues detected on AI resources.

 

 


Steps
  1. The AI Workload widget provides visualization of violations to secure AI policies.
  2. Users will see the following sections:
    1. Vulnerabilities
    2. Policy Drift
  3. The Vulnerabilities section will have the following columns:
    1. Category
    2. Severity
    3. Resource
  4. Users can click the View all link at the bottom-right of the widget to View All of the AI Workload Vulnerabilities Findings in the Google SCCE Cloud Platform's Findings feature. This page will include AI Workload Vulnerabilities Findings Query Results.
  5. The Policy Drift section will have the following columns:
    1. Changed Policy
    2. Event Time
    3. Resource
  6. Users can click the View All link at the bottom-right of the widget, to View All in the AI Workload Policy Drift Findings list of the Google SCCE Cloud Platform’s Findings feature. This page will include AI Workload Policy Drift Findings Query Results.

 

 
Data Security

The Data Security widget displays the top severity data security findings, by finding category.

 

 


Steps
  1. The Data Security widget provides a visualization of the top severity data security findings.
  2. The Data Security section will have the following columns:
    1. Severity
    2. Findings Category
    3. Total Findings
  3. Users can click the View All Data Security Findings link at the bottom-right of the widget, to View All Data Security Findings in the Data Security Findings list of the Google SCCE Cloud Platform’s Findings feature. This page will include Data Security Findings Query Results.
  4. Users can click the Review Detailed Data Posture in Sensitive Data Protection link at the bottom-right of the widget, to Review Detailed Data Posture in Sensitive Data Protection in the Sensitive Data Protection section of the Google SCCE Cloud Platform’s Data Protection feature.
  5. Users will automatically be brought to the Discovery Dashboard of the Sensitive Data Protection page. This will display the following information:
    1. Product Coverage
    2. Sensitive Data Inventory Details
    3. Asset Locations
    4. InfoType Graphs
    5. Risk Over Time Graph
    6. Sensitivity Over Time Graph
  6. The Discovery Dashboard also allows users to view and make changes to the following sections:
    1. Profiles
    2. Scan Configurations
    3. Cost Estimates
    4. Service Connections
    5. Create Configurations

 

 

Next Step: Security Command Center Enterprise: Step 2.2 - Visualization | Threats 

Previous Step: Security Command Center Enterprise: Step 2 - Visualization Overview