Google Security Command Center

google.security.command.center

Classification:

attack

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Goal

Detect when Google Security Command Center raises an active threat finding.

Strategy

Google Security Command Center helps you strengthen your security posture by evaluating your security and data attack surface; providing asset inventory and discovery; identifying misconfigurations, vulnerabilities and threats; and helping you mitigate and remediate risks.

This detection rule filters for threat findings which have not been muted. Findings in the Threat class identify a potential active attack or other unwanted or malicious activity.

Triage and response

  1. Investigate the finding to determine if it is malicious or benign.
  2. If the finding is deemed malicious, follow the investigation and remediation guidance provided by Google and also any internal incident response processes.
  3. If the finding is a false positive, you can reduce false positives by: