Hi,
Attack path simulation is using SA SYSTEM_MANAGED keys to represent as a possibility, this is something that we as user's can't do anything, since any SA without USER_MANAGED key have always a SYSTEM_MANAGED key.
Is this something expected?
Any solution to avoid this keys on the simulation?
BR,
Pedro Lourenço
Hello @pfilourenco ,
Here is according to Mahesh "Google Cloud’s advanced attack simulation engine leverages our first-party, agentless visibility of Google Cloud assets, the relationships between assets, and the current state of defenses. Attack path simulation is fully automated with no need to manually run queries. Simulations run in the Google Cloud environment, and do not send snapshots outside your environment, avoiding exposure of sensitive information."
You can check this documentation for reference.
Hello @pfilourenco ,
Here is according to Mahesh "Google Cloud’s advanced attack simulation engine leverages our first-party, agentless visibility of Google Cloud assets, the relationships between assets, and the current state of defenses. Attack path simulation is fully automated with no need to manually run queries. Simulations run in the Google Cloud environment, and do not send snapshots outside your environment, avoiding exposure of sensitive information."
You can check this documentation for reference.
@dionv that is not a "Solved" answer for my question...
After this question I opened a ticket and Google Cloud resolved the problem, removing the SA SYSTEM_MANAGED keys from the attack simulation engine.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.