About andras

andras · 10-04-2024

Security Command Center now supports dynamic mute rules, which allow you to mute future and existing findings temporarily until a specified date or indefinitely until a finding no longer matches the configuration. We are adding these rules as an alte...

andras · 07-29-2024

Please note at the time of this post the Toxic Combinations feature is currently in Preview. A toxic combination is a group of security issues that, when they occur together in a particular pattern, create a path to one or more of your high-value res...

andras · 05-17-2024

Today's enterprises rarely rely on a single cloud provider. Hybrid and multi-cloud strategies have become the norm, offering flexibility and avoiding vendor lock-in. However, this diversity can make security management complex. Google Cloud's multi-c...

andras · 05-02-2024

Embarking on your cloud journey with Google Cloud Platform? Congratulations! The power and scalability of GCP are at your fingertips. But amidst the excitement, we understand the paramount importance of securing your cloud environment. That's where G...

andras · 04-23-2024

Let's face it, Security Command Center (SCC) is a goldmine of security data. But sometimes, those shiny nuggets of insight need a bit of refining before they reveal their true value. That's where BigQuery comes in, transforming your SCC data into a p...

andras · 11-20-2024

I would normally only expect to see Findings in SCC if the VM Manager part is enabled and running properly. If you don't see anything in the VM Manager part i would recommend trying to concentrate on that part first and verify if all the requirements...

andras · 11-06-2024

Hello @dheerajpanyam, i believe this would not work by default due to the nature of the dynamically assigned IP as you mentioned. WSS today requires to be applied against domains with static ip assigned to them. The following link shows a few details...

andras · 10-21-2024

SCCE is now essentially fully connected with SCC and SecOps (SIEM+SOAR) https://cloud.google.com/security-command-center/docs/concepts-security-command-center-overview#enterprise_tier Findings from SCC will be ingested in SIEM and certain Critical Fi...

andras · 10-07-2024

Hi Lee, For the GKE Security Bulletin vulnerabilities we would normally look for vulnerabilities related to Security Bulletins related to GKE. Some more details on these can be found here: https://cloud.google.com/kubernetes-engine/security-bulletins...

andras · 10-02-2024

At the moment i don't think we have a way to programmatically enable the premium tier for a project basis. I've seen this question a few times in the past and it could be a great feature to be added in the future. If possible and if you have access t...

My Stats

andras's Bio

Badges andras Earned

Recent Activity

Dynamic mute rules are now generally available

How Risk Engine detects toxic combinations

AWS threat and vulnerability detection in SCCE

Mastering Google Cloud Security Command Center Premium - Success Kit

SCC as a Data Lake: Leveraging BigQuery for Advanced Security Analytics

Re: Top CVE findings on your virtual machines

Re: SCC premium does not work with Firebase?? Interesting

Re: SCC + Chronicle SIEM + Chronicle SOAR - How are they connected?

Re: any document about vulnerabilities without module ID on SCC?

Re: How to Enable SCC Premium Programmatically?