How do I optimize my SCC Configuration?
The Security Command Center Premium (SCCP) Guide for Optimization exercise verifies SCC enablement in an existing subscriber environment. This guided health check covers:
- Enablement of SCC Premium Tier services
- Access Control Best Practices / Least Privilege implementation
- Logging with SCCP Event Threat Detection
- Essential Security Contacts and Notifications
Getting Started
Outline your goals and view the linked guide. As you progress through the steps, you'll familiarize yourself with SCCP services, such as:
- Event Threat Detection
- Security Health Analytics
- Web Security Scanner
- Container Threat Detection
- Rapid Vulnerability Detection
- Virtual Machine Threat Detection
You will optimize threat detection capabilities by enabling robust logging in GCP, including Firewall Rules, Workspace Login Audits, VPC Flow Logs and more.
Lastly, the guide will walk you through configuring SCCP Integrated Services, such as Cloud Armor, Cloud Anomaly Detection, and Mandiant Attack Surface Management.
Wrapping Up
The end goal is an optimized Security Command Center Premium configuration that can be integrated into workflows, operations and unified detection platforms.