This feature is subject to the "Pre-GA Offerings Terms" in the General Service Terms section of theService Specific Terms. Pre-GA features are available "as is" and might have limited support. For more information, see thelaunch stage descriptions.

Note: This feature is available with either theEnterprise or Premium tier of Security Command Center.

You can enable and use Notebook Security Scannerto detect vulnerabilities in Python packages that are used inColab Enterprise notebooks (files with theipynb filename extension)and resolve those package vulnerability findings.

After you enable Notebook Security Scanner, it scans Colab Enterprisenotebooks once in every 24 hours and publishes the package vulnerability findingsto the Security Command CenterFindings page.

You can use Notebook Security Scanner for Colab Enterprise notebooksthat are created in the following regions:us-central1,us-east4,us-west1,andeurope-west4.

Enable Notebook Security Scanner

You can enable Notebook Security Scanner at the organization levelor project level.

The way you enable Notebook Security Scanner depends on whetherSecurity Command Center needs to be activated for your organization or project, or onthe Security Command Center tier that is activated for your organization or project.Depending on your use case, follow the instructions in the appropriate section:

Review and resolve package vulnerability findings

After you enable Notebook Security Scanner, Notebook Security Scannerscans the Colab Enterprise notebooks (files with theipynb filename extension)in your project or organization every 24 hours to detect vulnerabilities inPython packages and publishes these findings to the Security Command CenterFindings page. For a newly created Colab Enterprisenotebook, the package vulnerability findings might take a maximum of four hoursto appear in the Security Command CenterFindings page.

To review package vulnerability findings in Security Command Center, follow thesesteps:

1. In the Google Cloud console, go to the Security Command CenterFindings page.

   Go to Findings

2. In the resource selector, select your organization or project.

3. In theQuick filters section, go to theSource display name subsection,and then selectNotebook Security Scanner.

   TheFindings query results panel shows only thepackage vulnerability findings of Notebook Security Scanner.

4. To view details of a specific finding, click the finding name in theCategory column. The finding details panel expands to display a summaryof the finding details.

   Note: There might be some vulnerabilities published with packages and versions which might not be present in the notebook. This is because, for the Python packages that are being installed without versions in unexecuted code cells, Notebook Security Scanner assumes the latest package version according to thePython Package Index (PyPI) and publishes any vulnerabilities.

5. To resolve a package vulnerability finding, follow the steps mentioned in theNext steps section of the finding.

   In some cases, a fix for a package vulnerability might not be available.In such cases, we recommend that you use alternative Python packages.

What's next

• View package vulnerability findings.