Google Cloud Web Security Scanner was integrated by Mindflow to enable users to automate their incident management and better protect their information system.
Google Cloud Web Security Scanner Overview
Google Cloud Web Security Scanner is a built-in service in the Google Cloud stack. It identifies common security vulnerabilities in your App Engine, Google Kubernetes Engine (GKE), and Compute Engine web applications.
By focusing on the most common vulnerabilities and displaying only high-confidence alerts, Web Security Scanner helps you avoid false positives. Because of that focus, however, it does not replace a manual security review and does not guarantee that your application is free from security flaws. In the end, it complements your existing secure design and development processes and reduces the burden by taking care of the most common vulnerabilities.
To that end, you can perform two types of scans: managed and custom. In both, the scanner crawls your application and follows all links within the scope of the starting URLs you provided, attempting to exercise as many user inputs and event handlers as possible.
Currently, Google Cloud Web Security Scanner only supports public URLs and IPs that aren’t behind a firewall.
Managed scans are configured and managed by Security Command Center. They automatically run once each week to detect and scan your public web endpoints. These scans don’t use authentication and send GET-only requests, so they don’t submit any forms on live websites.
Custom scans provide more granular information about application vulnerability findings, like outdated libraries, cross-site scripting, or the use of mixed content.
Findings are tagged according to the OWASP Top 10 to provide information about possible remediation steps.
Automatically monitor your public web endpoints to detect the most common vulnerabilities that may affect them.
Schedule managed scans or perform custom and more precise scans on particular sets of public URLs or IPs.