Announcing Chef Automate integration with Google Cloud Security Command Center

Digital security continues to be a critical area of focus for enterprises. This should not be a surprise given the continuous drumbeat of serious security breaches in the news as hackers seek to exploit databases full of valuable customer information. At the same time, companies are also seeking to improve their time-to-market by moving applications to the cloud, which, if poorly configured, threatens to open even more security holes. To move fast and remain compliant, it’s vital that IT departments today develop and implement cloud-specific security policies, in concert with their cloud provider.

Google Cloud is releasing the Google Cloud Security Command Center (Cloud SCC). Chef is proud to be a launch partner with Google, delivering an integration between Cloud SCC and Chef Automate. Cloud SCC helps security teams gather data, identify threats, and act on them before they result in business damage or loss. It offers deep insight into application and data risk so that you can quickly mitigate threats to your cloud resources and evaluate overall health. As you move workloads to the cloud, it’s critical that you design cloud-native security policies and a way to detect and enforce them. Cloud SCC, combined with Chef Automate allows you to send Chef InSpec’s compliance-as-code scan data directly into Cloud SCC APIs, letting you combine these inputs with other data you are gathering in Cloud SCC to enhance your overall risk profile.

CSCC_Example

Chef Automate data, showing results of a CIS Benchmarks for Google Cloud Platform scan, populating the Google Cloud Security Command Center console.

This integration builds upon work that Chef previously announced to validate Chef Automate and its premium compliance profiles for the Center for Internet Security (CIS) Benchmark for Google Cloud Platform, Level 1 and Level 2. Chef is the first vendor to achieve this certification. Using Chef Automate’s premium profiles, you can ensure not only that virtual machines and containers inside your cloud are properly configured, but the cloud itself – including network configuration, object storage, databases, and more – are also secure.

Next Steps

To learn more about the Google Cloud Security Command Center, visit the website or read the GA announcement.

To learn more about installing Chef Automate and configuring the integration, read the documentation on Chef Automate’s website.

Julian Dunn

Julian is a former Chef employee