CASB for Google Cloud Platform (GCP) extends features to monitor, secure, and audit Google Cloud Platform environments for threat protection, anomaly detection, configuration audit, and forensic audit logs. Skyhigh CASB provides this capability by leveraging public GCP APIs.
Compliance Reporting for GCP
When you adopt GCP, you must make sure it is configured correctly for CIS Level standards or internal compliance policies, in order to make sure compliance audits are successful and to secure any known risks.
Detect and Prevent Data Exfiltration from GCP
Your GCP environment may host many customer-facing business and workflow applications. A compromised account or an insider threat incident can damage your enterprise. To prevent this, implement incident detection systems to detect and mitigate data exfiltration. Skyhigh CASB offers visibility into critical or sensitive data stored in GCP to make sure data is protected. Its content engine automatically classifies sensitive information. Then, it enforces controls to remove or quarantine sensitive data and prevent data exfiltration via cloud-based email and messaging.
Cloud Audit Logs
Skyhigh CASB for GCP captures activities to provide post-incident investigation insight and forensics support.
Cloud Audit Logs profile logs current cloud application security settings and suggests changes to improve security based on industry best practices. Skyhigh CASB continuously monitors GCP configuration against regulatory requirements to streamline internal and external audits, such as ISO 27008, PCI, or HIPAA. For more information, visit Audit Log.
Threat Protection and Anomalies
Skyhigh CASB for GCP detects compromised account threats, insider threats, and privileged access misuse threats. Skyhigh CASB for GCP also makes sure an SOC is not flooded by anomalies due to sudden changes in Skyhigh CASB, GCP event feeds, or bulk change patterns in use.
Security Configuration Audit
Skyhigh CASB for GCP monitors various configuration settings that increase the risk profile of GCP deployments across the following categories:
- Security Policy
- Security Monitoring
- Unrestricted Access
- Security Policy
- Secure Config
- SQL Services
Skyhigh CASB for GCP continuously monitors GCP configuration against regulatory requirements to streamline internal and external audits, such as ISO 27008, PCI, and HIPAA. For more info, visit CSPM Security Configuration Audit.
Google Kubernetes Engine (GKE)
GKE uses the Kubernetes policy templates listed in Policy Templates for CSPM.
Skyhigh CASB supports only Kubernetes engine version 1.15 for primary node policies.
For configuration instructions, see Integrate GCP with Skyhigh CASB.
Google Cloud Security Command Center
Google Cloud Security Command Center is a security management and data risk platform for GCP, designed to help security teams prevent, detect, and respond to threats in one location. It provides visibility for assets running in Google Cloud, as well as risky misconfigurations, so enterprises can reduce their exposure to threats.
To enable Skyhigh CASB for Google Cloud Security Command Center, contact Skyhigh Security Support. For details, see Integrate Skyhigh CASB with Google Cloud Security Command Center.