1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma™ Cloud Administrator's Guide
    5. Configure External Integrations on Prisma Cloud
    6. Integrate Prisma Cloud with Google Cloud Security Command Center (SCC)

    Integrate Prisma Cloud with Google Cloud Security Command Center (SCC)

    Learn how to integrate Prisma™ Cloud with Google Cloud Security Command Center (SCC).
    Integrate Prisma™ Cloud with Google Cloud Security Command Center (SCC) for centralized visibility in to security and compliance risks associated with your cloud assets on the Google Cloud Platform (GCP).
    You can set up this integration for a GCP Organization that you are monitoring with Prisma Cloud. The alerts generated by Prisma Cloud for GCP accounts based on your alert rule are posted to Google Cloud SCC. To show Prisma Cloud alerts in Google Could SCC for cloud accounts of other cloud types (such as AWS and Azure), contact Prisma Cloud support on the Palo Alto Networks LIVE Community.
    1. The service account you use to onboard the GCP Organization in to Prisma Cloud should include Viewer, Organization Viewer, and Security Center Findings Editor roles.
    2. To view assets and findings on the Cloud SCC console, enable the
      Cloud Security Command Center API
      .
      1. Go to the GCP Console API Library and select your GCP project.
        Make sure to enable the
        Cloud Security Command Center API
         in the project owns the Service Account that you will use to onboard the GCP Organization into Prisma Cloud.
      2. Enable APIs and Services
        .
      3. Enable the
        Cloud Security Command Center API
        .
    3. Sign up for the Prisma Cloud SCC solution on the Google console.
      A security center administrator can set up this integration on the Google console.
      1. Go to the Google Console and search for
        Prisma Cloud CSCC
        .
      2. Visit Palo Alto Networks site to Signup
        .
        cscc-signup-prisma-cloud.png
      3. Select the organization that you onboarded in to Prisma Cloud.
      4. Select the
        Service account
         you used to onboard the GCP Organization.
        cscc-select-service-account.png
      5. Copy the
        Source ID
        . You need the
        Source ID
         when you set up this integration in Prisma Cloud.
      6. Click
        Done
        .
    4. Set up Google Cloud SCC as one of the integration channels in Prisma Cloud.
      1. Log in to Prisma Cloud.
      2. Select
        Settings
        Integrations
        .
      3. Create a
        +New Integration
        .
      4. Select
        CSCC
         as the
        Integration Type
        .
      5. Specify a meaningful
        Integration Name
         and
        Description
        .
      6. Enter the
        Source ID
         that you copied Prisma Cloud
        cscc-add-integration-in-prisma-cloud.png
      7. Select the
        GCP Organization
        .
      8. Click
        Next
         and then
        Test
        .
        For a successful integration, you must configure adequate permissions for the service account (as listed above). After you successfully set up the integration, the status
        Settings
        Integrations
        ) turns red when there are any issues and green when there are no issues or all issues are resolved.
    5. Create an Alert Rule or modify an existing rule to send alerts to Google Cloud SCC. See Send Prisma Cloud Alert Notifications to Third-Party Tools.
    6. View alerts in Cloud SCC.
      1. Go to the Google Console and select
        Security
        Security Command Center
        .
        cscc-security-command-center.png
      2. Click
        Findings
         to view the alerts.
        cscc-findings.png
      3. Select the rule to see the details about the alerts.
        cscc-alerts.png

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2020 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo