Stay organized with collections
Save and categorize content based on your preferences.
Security Command Center offers multiple services that detect vulnerabilities in
containers, the operating systems and software found in VMs, and web
applications. Where vulnerabilities can be detected depends on the cloud service
you're using.
The findings from this service have a category of
CONTAINER_IMAGE_VULNERABILITY.
Kubernetes security posture dashboard:
Provides opinionated, actionable findings about potential security issues
in your Google Kubernetes Engine (GKE) clusters.
The findings from this service are issued in the VULNERABILITY and
MISCONFIGURATION finding classes.
VM Manager:
Identifies vulnerabilities in operating systems that are installed on VMs,
including Common Vulnerabilities and Exposures (CVEs).
The findings from this service have a category of OS_VULNERABILITY.
Vulnerability Assessment for Google Cloud:
Helps to discover critical and high severity software vulnerabilities in
your Compute Engine VM instances without installing agents.
The findings from this service have categories of OS_VULNERABILITY and
SOFTWARE_VULNERABILITY.
Web Security Scanner:
Identifies security vulnerabilities in your App Engine,
GKE, and Compute Engine web applications.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-03 UTC."],[],[],null,["Security Command Center offers multiple services that detect vulnerabilities in\ncontainers, the operating systems and software found in VMs, and web\napplications. Where vulnerabilities can be detected depends on the cloud service\nyou're using.\n\n\u003cbr /\u003e\n\nAWS\n\n[**Vulnerability Assessment for AWS**](/security-command-center/docs/vulnerability-assessment-aws-overview):\nDetects vulnerabilities in the following AWS resources:\n\n- Software packages installed on [Amazon EC2 instances](https://aws.amazon.com/ec2/).\n- Software packages and operating system misconfigurations in Elastic Container Registry (ECR) images.\n\nThe findings from this service have a category of `SOFTWARE_VULNERABILITY`.\n\nGoogle Cloud\n\n- [**Artifact Registry vulnerability assessment**](/security-command-center/docs/concepts-security-sources#ar-vuln-assessment):\n Finds vulnerabilities in container images stored in Artifact Registry or\n deployed to one of the following assets:\n\n - App Engine\n - Cloud Run job\n - Cloud Run\n - Google Kubernetes Engine cluster\n\n The findings from this service have a category of\n `CONTAINER_IMAGE_VULNERABILITY`.\n- [**Kubernetes security posture dashboard**](/security-command-center/docs/concepts-security-sources#gke-security-posture-dashboard):\n Provides opinionated, actionable findings about potential security issues\n in your Google Kubernetes Engine (GKE) clusters.\n\n The findings from this service are issued in the `VULNERABILITY` and\n `MISCONFIGURATION` finding classes.\n- [**VM Manager**](/security-command-center/docs/concepts-security-sources#vm_manager):\n Identifies vulnerabilities in operating systems that are installed on VMs,\n including Common Vulnerabilities and Exposures (CVEs).\n\n The findings from this service have a category of `OS_VULNERABILITY`.\n- [**Vulnerability Assessment for Google Cloud**](/security-command-center/docs/vulnerability-assessment-google-cloud):\n Helps to discover critical and high severity software vulnerabilities in\n your Compute Engine VM instances without installing agents.\n\n The findings from this service have categories of `OS_VULNERABILITY` and\n `SOFTWARE_VULNERABILITY`.\n- [**Web Security Scanner**](/security-command-center/docs/concepts-web-security-scanner-overview):\n Identifies security vulnerabilities in your App Engine,\n GKE, and Compute Engine web applications."]]
