Google Cloud's SCC Enterprise aims to streamline response to threats and misconfigurations across IaaS platforms, including AWS and Azure.

Google’s new Security Command Center Enterprise (SCC Enterprise) could streamline cloud risk management through AI automation, saving security teams time, experts say. Enhanced with Mandiant threat intelligence and generative AI, SCC Enterprise aims to offer comprehensive insights across the cloud security lifecycle. Google Cloud has identified gaps in the protection provided by current cloud-native application protection platforms (CNAPPs) and introduced SCC Enterprise as a solution to better guard against emerging threats.

“There are two things that Security Command Center Enterprise addresses compared with previous solutions: tighter integration between cloud and enterprise security and coverage across multi-cloud rather than just operating in silos,” Narayana Pappu, CEO at Zendata, a San Francisco-based provider of data security and privacy compliance solutions, said in an interview. “Automation and integration of Gen AI brings efficiencies that will save teams time as well.”

According to Suni Potti, VP/GM of Google Cloud Security, the new platform integrates Mandiant Threat Intelligence with modern SecOps capabilities, enabling swift responses to cloud security incidents through “SIEM-powered visibility and SOAR-driven accountability.”

SCC Enterprise provides a single view

“Security teams can get a single view of their posture controls, active threats, cloud identities, data, and more, while integrating remediation and issue accountability into the end-to-end workflows of a converged cloud risk management platform,” Potti wrote in a blog post.

Google’s SCC Enterprise is built to analyze security data across different cloud platforms and present it in easy-to-understand visuals. It uses AI to help people who aren’t experts in managing complex cloud security.
The system also includes Mandiant Hunt’s threat intelligence, which security teams can access whenever they need extra know-how.

SCC Enterprise expands on what Google’s regular security services offer. It has more advanced tools for handling security threats in Google Cloud, Amazon Web Services (AWS), and Microsoft Azure, the company claims. The focus is on finding and fixing vulnerabilities and detecting specific kinds of threats that can happen in cloud setups.

Responding to IaaS threats and misconfigurations

The idea behind SCC Enterprise is to streamline responses to threats and misconfigurations within infrastructure as a service (IaaS) platforms like Google Cloud, AWS, and Azure by adding in native threat intelligence and a more flexible, workflow-based response toolkit, Guy Rosenthal, vice president, product, at DoControl, a New York City-based provider of automated SaaS security, said in an interview.

Google’s solution aims to speed up the process of fixing security issues, which could lower risk by reducing the time systems are vulnerable and minimizing delays caused by human response.

“In terms of bringing threat intelligence to CNAPP with Mandiant and GenAI tools, I expect Google to add significant value for potential customers,” Rosenthal added. “This should make cooperation between DevOps/Cloud operators and SecOps/Security teams easier and more efficient.”

However, Rosenthal was uncertain about the benefits of incorporating the workflow engine directly, indicating that its effectiveness remains to be seen.

“The value of reduced response time will have to be weighed against the operational burden and opportunity cost of having multiple systems that do the same function (SOAR) that must be implemented and maintained,” he added.

Rosenthal pointed out that there’s intense competition in the cloud-native application protection platform (CNAPP) market.
Microsoft has Defender for Cloud as a long-standing entry generally included in Microsoft enterprise licensing. “For organizations that desire more features, all of the major SASE/SSE vendors have a CNAPP offering: Palo Alto Networks, Zscaler, etc,” he added.

“In addition, there are key innovators in this space that are gaining significant traction in the market, like Wiz, Lacework, and Ermetic (now part of Tenable),” Rosenthal said. “About the only major infrastructure or security player without a CNAPP offering is AWS, who, so far, has chosen to partner rather than to play directly in this space.”

According to security consultant John Bambenek, Google’s acquisitions of security firms like SIEMplify and Mandiant enable the company to enhance its security offerings. The company aims to lure users away from Microsoft’s Office 365 ecosystem and into Google Workspaces.

“As long as you are on Google products, it works out pretty good,” he added. “But once you add in other vendors’ products (Azure AD, AWS, etc.), the native functionality starts dropping off.”