Security Command Center

GCPSecurityFree tier available

Centralised security and risk management platform for GCP with asset inventory, vulnerability scanning, threat detection, compliance reporting, and security posture dashboards

FluffyStack tools
Add to Service BuilderAdd to CompareCompare with equivalentsExplore GCP in TreemapExplore security in HoneycombSee GCP regions on the World MapSee security as a networkScore jurisdiction exposure
DocumentationPricingGCP website

Jurisdictional exposure

Provider HQ
USMountain View, USA

Subject to CLOUD Act, FISA-702, DPF

Region locations
APACCNEEAEUUKUSOther44 regions across 7 jurisdictions
Sovereign option
Yes — 2 sovereign-flagged regions available
Full scorecard for this service →US lens detail →Sovereign cloud coverage map →

Attributes

Vulnerability Scanning
Yes
Compliance Reporting
Yes
Threat Detection
Yes

Sub-services (2)

Standard Tier

Security posture management and vulnerability scanning

Premium Tier

Advanced threat detection and compliance monitoring

Compliance & Certifications

This service is attested for the following frameworks. Always verify with the provider before relying on a specific compliance posture.

GDPRSOC 2ISO 27001HIPAAPCI DSSFedRAMP

Where this runs

44 regions
28 countries
2sovereign
Sovereign regions (2)
  • T-Systems Sovereign Cloud · FrankfurtT-Systems Sovereign Cloud powered by Google Cloud
  • S3NS Sovereign Cloud · ParisS3NS — Google Cloud + Thales joint venture
Commercial regions (42)

Europe (13)

  • Belgium
  • Finland
  • Paris
  • Berlin
  • Frankfurt
  • Milan
  • Turin
  • Netherlands
  • Warsaw
  • Madrid
  • Stockholm
  • Zurich
  • London

North America (12)

  • Montréal
  • Toronto
  • Querétaro
  • Northern Virginia
  • Columbus
  • Iowa
  • Dallas
  • Las Vegas
  • Los Angeles
  • South Carolina
  • Salt Lake City
  • Oregon

South America (2)

  • São Paulo
  • Santiago

Asia (9)

  • Hong Kong
  • Delhi
  • Mumbai
  • Jakarta
  • Osaka
  • Tokyo
  • Singapore
  • Seoul
  • Taiwan

Oceania (2)

  • Melbourne
  • Sydney

Middle East (3)

  • Tel Aviv
  • Doha
  • Dammam

Africa (1)

  • Johannesburg

Tags

security-posturethreat-detectioncomplianceSIEM

Equivalent services on other platforms

Alibaba Security CenterAlibaba

Unified security operations platform covering vulnerability management, malware detection, baseline configuration scanning, log audit, container image scanning, and compliance posture across Alibaba Cloud and hybrid workloads

Amazon GuardDutyAWS

Intelligent threat detection service that continuously monitors CloudTrail, VPC flow logs, and DNS logs using ML and curated threat intelligence feeds

Amazon InspectorAWS

Automated vulnerability management service that continually scans EC2, Lambda, and container images for software vulnerabilities and unintended network exposure, delivering prioritised findings with contextual risk scoring

AWS Security HubAWS

Cloud security posture management service that aggregates, prioritises, and responds to findings from GuardDuty, Inspector, Macie, IAM Access Analyzer, and 60+ third-party partners against CIS, PCI DSS, and AWS Foundational best practices

AWS ConfigAWS

Continuous configuration tracking and compliance audit service that records resource configurations, evaluates them against 400+ managed and custom rules, auto-remediates via Systems Manager, and produces conformance packs aligned with CIS, PCI DSS, HIPAA, and NIST

Microsoft Defender for CloudAzure

Unified cloud security posture management (CSPM) and cloud workload protection (CWPP) platform with compliance dashboards, secure score, and regulatory standards assessments

Microsoft SentinelAzure

Cloud-native SIEM and security orchestration platform (now Microsoft Sentinel) with ML-based threat detection, hunting queries, playbook automation, and 100+ data connectors

IBM Cloud Security and Compliance CenterIBM

Unified CSPM and compliance posture service covering IBM Cloud and hybrid-cloud estates, with built-in scans against CIS Benchmark, FS Cloud Controls, NIST 800-53, and custom profiles, plus findings aggregation into IBM QRadar

Red Hat Advanced Cluster SecurityOpenShift

Kubernetes-native runtime threat detection, vulnerability management, and supply-chain security (formerly StackRox) covering build, deploy, and runtime phases

Pricing

Pricing model:tiered