Security Command Center documentation
Security Command Center is Google Cloud's centralized vulnerability and threat reportingservice. Security Command Center helps you strengthen your security posture byevaluating your security and data attack surface; providing asset inventory anddiscovery; identifying misconfigurations, vulnerabilities and threats; and helping you mitigate andremediate risks.
Start your proof of concept with $300 in free credit
- Develop with our latest Generative AI models and tools.
- Get free usage of 20+ popular products, including Compute Engine and AI APIs.
- No automatic charges, no commitment.
Keep exploring with 20+ always-free products.
Access 20+ free products for common use cases, including AI APIs, VMs, data warehouses, and more.
Documentation resources
Guides
Related resources
Enabling real-time email and chat notifications
Use Pub/Sub and Cloud Functions to send Security Command Center findings to email and messaging apps.
Google Cloud Skills Boost for Security Command Center
View lectures, demos, and hands-on labs to learn about a variety of Security Command Center controls and techniques.
Getting Started with Cloud Shell & gcloud
Learn how to use Cloud Shell and the Cloud SDK gcloud command.
OWASP Top 10 mitigation options on Google Cloud
This guide helps you defend against common application-level attacks that are outlined in OWASP Top 10.
Take control of security with Cloud Security Command Center
Watch a video to learn how you can quickly respond to threats and hear from a customer that is using Security Command Center in their workflow.
Enterprise foundations guide
This comprehensive guide helps you build security into your Google Cloud deployments.
Google Cloud Well-Architected Framework
The Well-Architected Framework provides recommendations and describes best practices to help architects, developers, administrators, and other cloud practitioners design and operate a cloud topology that's secure.
Python API samples
Includes samples for managing assets, findings, notifications, and settings.
Node.js API samples
Includes samples for managing assets, findings, notifications, and settings.
Go API samples
Includes samples for managing assets, findings, notifications, and settings.
Java API samples
Includes samples for managing assets, findings, notifications, and settings.
Related videos
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-12-15 UTC.