Note
We’ve renamed Microsoft Cloud App Security. It’s now called Microsoft Defender for Cloud Apps. In the coming weeks, we’ll update the screenshots and instructions here and in related pages. For more information about the change, see this announcement. To learn more about the recent renaming of Microsoft security services, see the Microsoft Ignite Security blog.
Microsoft Defender for Cloud Apps provides you with a security configuration assessment of your Google Cloud Platform (GCP) environment. This assessment provides fundamental security recommendations based on the Center for Internet Security (CIS) benchmark for GCP, version 1.1.0.
This assessment provides an organizational view of security configuration recommendations of all GCP projects and enables security admins to investigate of security configuration gaps and initiate remediation by the resource owners.
Prerequisites
- You must set up GCP Security Command Center with Security Health Analytics for all your GCP projects in your organization. For more information, see Setting up GCP Security Command Center and Enable Security Health Analytics.
- Your GCP projects must be connected to Defender for Cloud Apps. For more information, see Connect GCP to Microsoft Defender for Cloud Apps.
How to view GCP security recommendations
- In Defender for Cloud Apps, browse to Investigate > Security configuration, and then select the Google Cloud Platform tab.
Note
It might take up to 15 minutes before your changes take effect.
- You can filter the recommendations by type, by resource, and by subscription. Additionally, you can click on the security configuration icon to open the recommendation in GCP Security Command Center for more information and to deep dive into the recommendation.
Note
To make investigation even simpler, you can create custom queries and save them for later use. After you’ve finished building your query, click the Save as button in the top right corner of the filters. In the Save query pop-up, name your query.
- Select a recommendation to view additional information about the recommendation including a description and detailed remediation guidelines.