Stay organized with collections
Save and categorize content based on your preferences.
Security Command Center is a cloud-based risk management solution that helps security
professionals to prevent, detect, and respond to security issues. It helps to
keep your cloud environment secure by providing tools to monitor and manage the
following areas:
Vulnerability detection: Discover and remediate problems such as
misconfigurations, publicly exposed resources, leaked credentials, and
resources with known risks. Monitor compliance against common security
benchmarks like NIST, HIPAA, PCI-DSS, and CIS.
Threat detection and mitigation: Detect and respond to active threats such
as malware, cryptocurrency miners, container runtime attacks, and distributed
denial-of-service (DDoS) attacks.
Postures and policies: Define and deploy a security posture to monitor the
status of your Google Cloud resources, and address posture drift when it
happens. Check for and correct over-permissioned accounts.
Compliance and data security frameworks (Preview): Define
and deploy frameworks and cloud controls to monitor the status of your
Google Cloud resources, enforce data security, and address drift when it
happens.
Data export: Export findings to BigQuery and Pub/Sub for
further analysis.
Services that operate in each of these areas can generate findings. Findings
are records of threats or other issues that a service has found in your cloud
environments. Findings are generated by the following sources:
Built-in: Security services that are part of Security Command Center.
Integrated: Google Cloud security services that integrate with
organization-level activations of Security Command Center. For
example, Google Cloud Armor and Sensitive Data Protection.
Third party: Security services that have registered as Cloud Marketplace
partners, such as Snyk and
CrowdStrike Falcon, that work with organization-level activations of
Security Command Center.
See all third party security services.
For a list of available built-in, integrated, and third party security services,
and instructions for how to configure them, see
Configure Security Command Center services.
Service tiers
Security Command Center is offered in three service tiers: Standard, Premium, and
Enterprise. Each tier determines the features and services that are available to
you in Security Command Center.
For more information on what each tier includes, see
Service tiers.
Activation levels
You can activate Security Command Center
on an individual project, which is known as project-level activation, or an
entire organization, which is known as organization-level activation.
The Enterprise tier requires an organization-level activation.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[],[],null,["# Security Command Center overview\n\n| Standard, Premium, and Enterprise [service tiers](/security-command-center/docs/service-tiers)\n\nSecurity Command Center is a cloud-based risk management solution that helps security\nprofessionals to prevent, detect, and respond to security issues. It helps to\nkeep your cloud environment secure by providing tools to monitor and manage the\nfollowing areas:\n\n- **Vulnerability detection**: Discover and remediate problems such as misconfigurations, publicly exposed resources, leaked credentials, and resources with known risks. Monitor compliance against common security benchmarks like NIST, HIPAA, PCI-DSS, and CIS.\n- **Threat detection and mitigation**: Detect and respond to active threats such as malware, cryptocurrency miners, container runtime attacks, and distributed denial-of-service (DDoS) attacks.\n- **Postures and policies**: Define and deploy a security posture to monitor the status of your Google Cloud resources, and address posture drift when it happens. Check for and correct over-permissioned accounts.\n- **Compliance and data security frameworks ([Preview](/products#product-launch-stages))**: Define and deploy frameworks and cloud controls to monitor the status of your Google Cloud resources, enforce data security, and address drift when it happens.\n- **Data export**: Export findings to BigQuery and Pub/Sub for further analysis.\n\nFor a complete list of services, see\n[Service tier comparison](/security-command-center/docs/service-tiers).\n\nServices that operate in each of these areas can generate *findings*. Findings\nare records of threats or other issues that a service has found in your cloud\nenvironments. Findings are generated by the following sources:\n\n- **Built-in**: Security services that are part of Security Command Center.\n- **Integrated** : Google Cloud security services that integrate with [organization-level activations](#activation-levels) of Security Command Center. For example, Google Cloud Armor and Sensitive Data Protection.\n- **Third party** : Security services that have registered as Cloud Marketplace partners, such as [Snyk](/security-command-center/docs/how-to-configure-snyk-for-scc) and CrowdStrike Falcon, that work with organization-level activations of Security Command Center. [See all third party security services](https://console.cloud.google.com/marketplace/browse?filter=category%3Asecurity-command-center-services).\n\nFor a list of available built-in, integrated, and third party security services,\nand instructions for how to configure them, see\n[Configure Security Command Center services](/security-command-center/docs/how-to-configure-security-command-center).\n\nService tiers\n-------------\n\nSecurity Command Center is offered in three service tiers: Standard, Premium, and\nEnterprise. Each tier determines the features and services that are available to\nyou in Security Command Center.\n\nFor more information on what each tier includes, see\n[Service tiers](/security-command-center/docs/service-tiers).\n\nActivation levels\n-----------------\n\nYou can [activate Security Command Center](/security-command-center/docs/activate-scc-overview)\non an individual project, which is known as *project-level activation* , or an\nentire organization, which is known as *organization-level activation*.\n\nThe Enterprise tier requires an organization-level activation.\n\nWhat's next\n-----------\n\n- Learn about [service tiers](/security-command-center/docs/service-tiers).\n- [Activate Security Command Center](/security-command-center/docs/activate-scc-overview).\n- Learn about Security Command Center [detection services](/security-command-center/docs/concepts-security-sources).\n- Learn how to [use Security Command Center in the Google Cloud console](/security-command-center/docs/how-to-use-security-command-center).\n- [Configure your security services](/security-command-center/docs/how-to-configure-security-command-center)."]]
