How do I optimize my SCC Configuration?
The Security Command Center Premium (SCCP) Guide for Optimization exercise allows for verification of SCC enablement in an existing subscriber environment. This guided health check allows for verification of:
Getting Started
Simply outline your Goals and view the linked guide. As you progress through the steps, youโll familiarize yourself with SCCP Premium services, such as:
You will optimize threat detection capabilities by enabling robust logging in GCP, to include Firewall Rules, Workspace Login Audits, VPC Flow Log and more.
Lastly, the guide will walk you through configuring SCCP Integrated Services, such as Cloud Armor, Cloud Anomaly Detection, and Mandiant Attack Surface Management.
Wrapping Up
The end goal will be an optimized Premium Command Center that will allow for integration into workflow, operations and unified detection platforms.
The individual might be considering ways to enhance the security features and capabilities of the Command Center Premium service. They could be exploring strategies such as fine-tuning settings, implementing additional security measures, or seeking expert guidance to optimize their overall security posture effectively.
Any idea on how to do another Security Health Analytics scan to update the ui after you make changes to the vm or firewall. Gemini says we should be able to but i cant find it anywhere. Any help would be appreciated.
Hi @tommy2386 - The scans will happen automatically, for instance, when changes are made. Below is documentation on the different modes for scan: https://cloud.google.com/security-command-center/docs/concepts-security-health-analytics#sha-scan-ty...