Security Consultant at a consultancy with 51-200 employees
Consultant
Top 20
2024-07-03T16:09:42Z
Jul 3, 2024
I would recommend using it but only if you have analysts who understand Google Cloud. If you have an external SOC who doesn't, maybe wait and look for something more widely used. If you're specialized in GCP and have a competent SOC, go for it. I like it to some degree, but not as much as AWS and Azure. Overall, I would rate the product a six out of ten, with ten being the best.
Infosec Module Lead at a tech vendor with 201-500 employees
Real User
Top 5
2024-04-11T09:12:00Z
Apr 11, 2024
In terms of identifying, the solution is pretty good. It takes care of all the layers. We have Cloud, Kubernetes cluster, instances running, and network. We have identities, permissions, and access. It provides pictures of everything in GCP. There's no such integration required. There are Google APIs that you need to enable. The compliance reporting feature helped us maintain a baseline of compliance within the information security policies. It's pretty stable and scalable. However, visibility can be improved along with automation. SCC to provide an option to fix those things, perhaps by clicking a button. For example, if a firewall rule allows an application to accept HTTP traffic, I should be able to address that specific issue directly within the interface. It's just a regular call to action button. There are no prerequisites for the solution. It's a requirement to have good security visibility into your Google Cloud Infrastructure. Cloud Security Command Center could be a good product to consider. There are other open-source solutions available. There are solutions from Aqua that are pretty decent. I would recommend that if somebody is opting for SCC, they should also explore open-source solutions. Open-source solutions can be very beneficial, especially if they are pursuing a multi-cloud strategy. You won't need additional security tools for platforms like AWS or others. Whenever a security issue pops up, a generative AI backend provides a summary of what happened. The information provided is quite detailed. Overall, I rate the solution an eight out of ten.
Google Cloud Security Engineer at a tech services company with 11-50 employees
Real User
Top 5
2023-11-14T17:44:57Z
Nov 14, 2023
Google Security Command Center definitely offers a significant return on investment, particularly in terms of compliance. It streamlines the process for companies planning to expand, making it remarkably easy to ensure compliance with various standards. Compared to traditional methods that involve bringing in consultants, mapping assets, and extensive training, this tool allows for swift and efficient infrastructure security configurations, completing the process in a week or less. Overall, I rate the solution an eight out of ten.
CSPM solutions help organizations identify and remediate security risks and compliance challenges within cloud environments. CSPM tools use automated scans to identify potential security issues, and then provide recommendations for remediation.
I would recommend using it but only if you have analysts who understand Google Cloud. If you have an external SOC who doesn't, maybe wait and look for something more widely used. If you're specialized in GCP and have a competent SOC, go for it. I like it to some degree, but not as much as AWS and Azure. Overall, I would rate the product a six out of ten, with ten being the best.
In terms of identifying, the solution is pretty good. It takes care of all the layers. We have Cloud, Kubernetes cluster, instances running, and network. We have identities, permissions, and access. It provides pictures of everything in GCP. There's no such integration required. There are Google APIs that you need to enable. The compliance reporting feature helped us maintain a baseline of compliance within the information security policies. It's pretty stable and scalable. However, visibility can be improved along with automation. SCC to provide an option to fix those things, perhaps by clicking a button. For example, if a firewall rule allows an application to accept HTTP traffic, I should be able to address that specific issue directly within the interface. It's just a regular call to action button. There are no prerequisites for the solution. It's a requirement to have good security visibility into your Google Cloud Infrastructure. Cloud Security Command Center could be a good product to consider. There are other open-source solutions available. There are solutions from Aqua that are pretty decent. I would recommend that if somebody is opting for SCC, they should also explore open-source solutions. Open-source solutions can be very beneficial, especially if they are pursuing a multi-cloud strategy. You won't need additional security tools for platforms like AWS or others. Whenever a security issue pops up, a generative AI backend provides a summary of what happened. The information provided is quite detailed. Overall, I rate the solution an eight out of ten.
Google Security Command Center definitely offers a significant return on investment, particularly in terms of compliance. It streamlines the process for companies planning to expand, making it remarkably easy to ensure compliance with various standards. Compared to traditional methods that involve bringing in consultants, mapping assets, and extensive training, this tool allows for swift and efficient infrastructure security configurations, completing the process in a week or less. Overall, I rate the solution an eight out of ten.