MVISION Cloud for Google Cloud Platform (GCP) extends features to monitor, secure, and audit Google Cloud Platform environments for threat protection, anomaly detection, configuration audit, and forensic audit logs. MVISION Cloud provides this capability by leveraging public GCP APIs.
Compliance Reporting for GCP
When you adopt GCP, you must make sure it is configured correctly for CIS Level standards or internal compliance policies, in order to make sure compliance audits are successful and to secure any known risks.
Detect and Prevent Data Exfiltration from GCP
Your GCP environment may host many customer-facing business and workflow applications. A compromised account or an insider threat incident can damage your enterprise. To prevent this, implement incident detection systems to detect and mitigate against data exfiltration. MVISION Cloud offers visibility into critical or sensitive data stored in GCP to make sure data is protected. Its content engine automatically classifies sensitive information. Then, it enforces controls to remove or quarantine sensitive data and prevent data exfiltration via cloud-based email and messaging.
Cloud Audit Logs
MVISION Cloud for GCP captures activities to provide post-incident investigation insight and forensics support.
Cloud Audit Logs profile logs current cloud application security settings and suggests changes to improve security based on industry best practices. MVISION Cloud continuously monitors GCP configuration against regulatory requirements to streamline internal and external audits, such as ISO 27008, PCI, or HIPAA. For more information, visit Audit Log.
Threat Protection and Anomalies
MVISION Cloud for GCP detects compromised account threats, insider threats, and privileged access misuse threats. MVISION Cloud for GCP also makes sure an SOC is not flooded by anomalies due to sudden changes in MVISION Cloud, GCP event feeds, or bulk change patterns in use.
Security Configuration Audit
MVISION Cloud for GCP monitors various configuration settings that increase the risk profile of GCP deployments across the following categories:
- Security Policy
- Security Monitoring
- Unrestricted Access
- Security Policy
- Secure Config
- SQL Services
MVISION Cloud for GCP continuously monitors GCP configuration against regulatory requirements to streamline internal and external audits, such as ISO 27008, PCI, and HIPAA. For more info, visit Security Configuration Audit for IaaS.
Google Kubernetes Engine (GKE)
GKE uses the Kubernetes policy templates listed in Policy Templates for Container Security.
MVISION Cloud supports only Kubernetes engine version 1.15 for master node policies.
For configuration instructions, see Integrate GCP with MVISION Cloud.
Google Cloud Security Command Center
Google Cloud Security Command Center is a security management and data risk platform for GCP, designed to help security teams prevent, detect, and respond to threats in one location. It provides visibility for assets running in Google Cloud, as well as risky misconfigurations, so enterprises can reduce their exposure to threats.
To enable MVISION Cloud for Google Cloud Security Command Center, contact MVISION Cloud Support. For details, see Integrate MVISION Cloud with Google Cloud Security Command Center.