About Google Cloud Web Security Scanner

Mindflow integrated Google Cloud Web Security Scanner so that users can automate their incident management and better protect their information systems.

Google Cloud Web Security Scanner Overview

Google Cloud Web Security Scanner is a built-in service of Google Cloud, surfaced through Security Command Center. It identifies common security vulnerabilities in your App Engine, Google Kubernetes Engine (GKE), and Compute Engine web applications.

Web Security Scanner targets the most common vulnerability classes and reports only high-confidence findings, which keeps false positives low. That narrow focus also means it does not replace a manual security review and does not guarantee that your application is free from security flaws. It complements your existing secure design and development processes by taking the most common vulnerabilities off your plate.

To that end, you can run two types of scans: managed and custom. In both, the scanner crawls your application from the starting URLs you specify and follows every link within their scope, attempting to exercise as many user inputs and event handlers as possible.

Currently, Google Cloud Web Security Scanner only supports public URLs and IP addresses that are not behind a firewall.

Managed scans are configured and managed by Security Command Center. They run automatically once a week to detect and scan your public web endpoints. These scans do not use authentication and send GET-only requests, so they do not submit any forms on live websites.

Custom scans provide more granular information about application vulnerability findings, such as outdated libraries, cross-site scripting, or the use of mixed content. Unlike managed scans, a custom scan can fill in and submit forms, so point it at a test environment rather than production whenever the application writes state.

Each finding is tagged with its OWASP Top 10 category, which points you to the relevant remediation guidance.

Monitor your public web endpoints automatically to detect the most common vulnerabilities that may affect them.

Schedule managed scans, or run more precise custom scans against particular sets of public URLs or IP addresses.
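Before creating a custom scan it is worth checking that every starting URL actually meets the constraint stated above (public http/https endpoints, not private, loopback or link-local addresses), since the scanner cannot reach anything else. The following pre-flight check is an added example, not Mindflow's or Google's code: it validates a list of starting URLs and assembles the request body for the Web Security Scanner API's `scanConfigs.create` call. The field names `displayName`, `startingUrls` and `maxQps` follow the `ScanConfig` resource; the helper names, the `.internal` hostname rule and the 5 to 20 `maxQps` range are this example's assumptions.

```python
"""Pre-flight check for Web Security Scanner custom scan configurations.

Added example, not part of the Mindflow page or Google's client libraries.
Assumptions: ScanConfig field names displayName / startingUrls / maxQps,
a maxQps range of 5-20, and that hostnames under .internal are never public.
"""
import ipaddress
from urllib.parse import urlsplit


def is_public_starting_url(url: str) -> bool:
    """Return True if `url` is an http(s) endpoint the scanner could reach.

    Rejects non-web schemes, localhost-style names, Google-internal DNS names,
    and IP literals that are not globally routable (RFC 1918 ranges, loopback,
    link-local such as the 169.254.169.254 metadata server, documentation
    ranges, ...). DNS names that are not obviously internal pass; whether they
    resolve to a reachable host is left to the scanner itself.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    host = parts.hostname  # already lower-cased, brackets stripped for IPv6
    if host == "localhost" or host.endswith((".localhost", ".internal")):
        return False
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return True  # a DNS name rather than an IP literal
    return ip.is_global


def build_scan_config(display_name: str, starting_urls, max_qps: int = 15) -> dict:
    """Assemble a scanConfigs.create request body, refusing unscannable URLs."""
    unscannable = [u for u in starting_urls if not is_public_starting_url(u)]
    if unscannable:
        raise ValueError(f"not reachable by Web Security Scanner: {unscannable}")
    if not 5 <= max_qps <= 20:  # assumed valid range for ScanConfig.maxQps
        raise ValueError("maxQps must be between 5 and 20")
    return {
        "displayName": display_name,
        "startingUrls": list(starting_urls),
        "maxQps": max_qps,
    }


if __name__ == "__main__":
    # Constructed sample input: a public storefront and two URLs that would
    # silently fail inside a scan (private range, metadata server).
    candidates = [
        "https://shop.example.com/",
        "http://10.0.0.5/admin",
        "http://169.254.169.254/computeMetadata/v1/",
    ]
    for url in candidates:
        print(f"{url:45s} public={is_public_starting_url(url)}")
    body = build_scan_config("shop-custom-scan", [candidates[0]])
    print(body)
```

The returned dictionary is the JSON body you would POST to `projects/{project}/scanConfigs` (or pass as `scan_config` to the `google-cloud-websecurityscanner` client); the check runs entirely offline, so it can sit in a Mindflow flow ahead of the actual API call.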

