Google Cloud

What is Google Cloud?

Google Cloud Platform is Google's suite of cloud infrastructure and services, covering compute, storage, networking, databases, machine learning, and security. From a security operations perspective, GCP generates a rich stream of telemetry through services like Cloud Audit Logs, VPC Flow Logs, Cloud Armor, and Security Command Center. These logs capture API activity, network traffic, configuration changes, and security findings across the entire GCP environment. Google Cloud's IAM system is particularly granular, and changes to IAM policies or service account usage are critical signals for detecting privilege escalation and lateral movement in cloud environments. Security Command Center aggregates findings from across GCP services into a single dashboard, providing a unified view of misconfigurations, vulnerabilities, and active threats.

How does Google Cloud work with Qevlar?

Qevlar can ingest security telemetry from Google Cloud environments to investigate cloud-related alerts automatically. When Security Command Center or audit logs surface anomalous activity, Qevlar correlates those signals with identity and workload data to determine whether the activity indicates a genuine threat or a configuration issue requiring remediation.