
The Findings dashboard in Security Command Center Enterprise (SCCE) is a record of the security issues that the Security Command Center services raise.

 

Prerequisites

  • Have the following Roles:
    • Security Center Findings Viewer (roles/securitycenter.findingsViewer)
    • Security Center Findings Editor (roles/securitycenter.findingsEditor)

 

Actions

Quick Filters

This section covers the findings dashboard in SCCE. This dashboard provides a comprehensive record of security issues identified by SCCE services, helping you analyze and address potential risks in your Google Cloud environment.

 

 

Prerequisites
  • Have the following Roles:
    • Security Center Findings Viewer 
    • Security Center Findings Editor

Steps
  1. Users will see the Findings dashboard with the Edit Query button at the top-right of the dashboard.
  2. Users will select Edit Query, which will display a Query Text Editor that can be collapsed by clicking the Collapse Editor Toggle.

     

  3. To the right of the Edit Query button, users will see a Time Range to select for the Findings Query.
  4. On the left side of the Asset Query dashboard, users will see a Quick Filters panel that has the following Filter categories:
    1. State
    2. Category
    3. Findings Class
    4. Project ID
    5. Resource Type
    6. Severity
    7. Source Display Name
    8. Cloud Provider
  5. To minimize the Quick Filters panel, users will select the Toggle Panel button.
Relevant Documentation Links

 

 
Findings Query Results

The Findings query results and details page in SCCE offers in-depth insights into detected security issues, with powerful tools to manage and analyze them.

 

 

Prerequisites
  • Have the following Roles:
    • Security Center Findings Viewer 
    • Security Center Findings Editor

Steps
  1. At the top of the Findings Query Results section, users will see five options:
    1. Change Active State
    2. Set Security Marks
    3. Mute Options
    4. Export 
    5. Columns Display
  2. In the main section of the Findings Query Results section, users can choose which Columns to display; by default, Results appear under the following Column selections:
    1. Category
    2. Severity
    3. Toxic Combination Score
    4. Score
    5. Event Time
    6. Create Time
    7. Finding Class
    8. Display Name
    9. Resource Path
    10. Source Display Name
    11. Case ID
  3. When users select the Selection Text link under Category, users will see a Details page appear that shows the following tabs:
    1. Summary
    2. JSON
  4. At the top-right of the Details page, users will see the Take Action button, with the following options:
    1. Apply Mute Override
    2. Mute Findings Like This
    3. Copy Link
    4. Send Feedback
  5. In the Summary tab, users will see the following detail sections:
    1. What Was Detected
    2. Affected Resource
    3. Security Marks
  6. In the JSON tab, users will see a Text Editor, with a Copy button in the top-right corner.
Relevant Documentation Links

 

 

Next Step: Security Command Center Enterprise: Step 3.4 - Investigation | Sources 

Previous Step: Security Command Center Enterprise: Step 3.2 - Investigation | Assets 
