This section covers offering description
Check setup options, details, troubleshooting, and validation steps under Installations - Cloud - GCP
- Threat detection based on GCP Cloud Audit Logs integration
- Compliance Security Posture Management (CSPM), including CIS GCP and CIS GKE Benchmark compliance assessments
- GCP Cloud Container scanning
- Image scanning on GCP
Threat Detection Based on GCP Cloud Audit Logs
Threat Detection leverages audit logs from GCP Cloud Audit logs plus Falco rules to detect threats as soon as they occur and bring governance, compliance, and risk auditing for your cloud accounts.
A rich set of Falco rules, a GCP Best Practices default policy, and a GCP policy type for creating customized policies are included. These correspond to security standards and benchmarks such as: NIST 800-53, PCI DSS, SOC 2, MITRE ATT&CK®, and Google Cloud Security best practices.
CSPM/Compliance with CIS GKE and CIS GCP Benchmarks
A new cloud compliance standard has been added to the Sysdig compliance feature - CIS GCP benchmarks. These assessments are based on an open-source engine - Cloud Custodian - in Sysdig’s Cloud Security Posture Management (CSPM) engine.
The assessments evaluate your Google Cloud services against the benchmark requirements and returns the results and remediation activities you need to fix misconfigurations in your cloud environment.
GCP Cloud Container Scanning
GCP Cloud Container Scanning uses a PubSub topic to automatically detect any container image pushed to registries on Google Container Registry or Google Artifact Registry, as well as images deployed to Google Cloud Run. An ephemeral Google Cloud Build pipeline is then created to scan that image so a vulnerability report is available in your Sysdig backend.
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.