Có gì thay đổi Gần đây, Google đã giới thiệu khả năng tạo không gian…
As the number of platforms you build and your applications on increases, the main challenge is understanding what applications you have deployed and what their security status is. If it's not visible, it can be difficult to tell if there are any potential vulnerabilities in your applications.
Today, we are pleased to announce the official launch of the tool Cloud Security Scanner give Google Kubernetes Engine (GKE) and Compute Engine, join Cloud Security Scanner for App Engine. Now, no matter where you run your application on Google Cloud, you can quickly gain insight into your web application vulnerabilities and take action before bad guys can exploit them.
Web application vulnerabilities can occur during development. Some of these vulnerabilities include incorrect setup of the application's security framework, incorrect deployment of the application into production environments, or patched or updated systems.
Cloud Security Scanner can find a wide range of web application vulnerabilities in search; Here are a few examples of its capabilities:
- Identify and notify you of common external vulnerabilities in your applications such as Flash Injection or mixed content
- Warns you of GIT and SVN accessibility.
- Addressing content vulnerabilities that man-in-the-middle attackers can exploit to take control of the website, leading to resource overload or stopping user actions.
- Alerts you if an application is showing signs of converting passwords to plain text, or displaying HTTP header errors, including typos or mismatched values in the header.
Cloud Security Scanner handles those security holes as well as searches in Cloud Security Command Center (Cloud SCC), or Cloud Security Posture Management (CSPM) tool, so you will be able to capture missing configurations, system weaknesses, and threats, so you can quickly respond to scenarios. on the dashboard. Then, when you click search, you can see a description of the problem/issue with advice on how to fix it and prevent it from happening in the future.
Cloud Security Scanner is not enabled by default. To activate it, you need to complete the steps in quickstart then visit the Security Sources section in Cloud SCC to make sure the functionality is enabled. You can also create custom scan scenarios for your application using Cloud Security Scanner UI. once Cloud Security Scanner is enabled, it will scan your application, scan for all the links you assign, and try to execute as many users request and evaluate if the requests are processed. The scan uses Chrome and Safari browsers, and is embedded with the Blackberry mobile platforms and Nokia phones. You can even schedule periodic scans.
To add an extra layer of protection to applications running on GKE servers, you can use the tool Container Registry vulnerability scanning to check for vulnerabilities in container images before deploying to production.
Get started with Cloud Security Scanner easily and secure your apps. If you are new to GCP, you can start using GCP and enable Cloud SCC and Cloud Security Scanner. If you are already using GCP, you can easily enable Cloud Security Scanner from Security Sources in Cloud SCC, and use it for free. For more detailed information about Cloud Security Scanner, read add this document.