Application & cloud security

Google Cloud Platform (GCP)

Google Cloud Platform, offered by Google, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search and YouTube.

What we look at:

Gmail accounts

Multi-factor authentication, Service Accounts, Admin Privileges, Encryption Keys, Separation of Duties, API Key Rotation and Restrictions

Logging and Monitoring
Cloud Audit Logging is configured for relevant projects and configuration changes

Networking

  • Evaluate instances of default and legacy networks
  • Proper configuration of SSH, RDP, Private Google Access
  • Ensure the default network does not exist in a project (Scored)


Virtual Machines
Virtual machine accounts, use of OS Login, usage of IP forwarding, access to Cloud Storage buckets, and logging configurations.

Cloud SQL Database Services
SSL usage, access to Cloud SQL database instances, admin privileges, and root access to MySQL databases

Kubernetes Engine

  • Stackdriver Logging and Stackdriver Monitoring
  • The use of basic authorization
  • Network policy use
  • Client Certificates
  • Private cluster
  • Usage of web UI/dashboard
  • Use of authorized networks