I rate Google Cloud Security Command Center a seven and a half out of ten. While it is a ten from a security perspective, it requires improvements in areas such as operations, alerting, and automation to enhance the overall system experience. I would definitely recommend Google Cloud Security Command Center to others. They have different tiers in GCP, with support being one key aspect, making it a reliable system that can meet various needs with strong service options, especially for businesses or research-focused projects. I would recommend using Google Cloud Security Command Center if a customer has only Google-related environments. However, for customers with AWS, Azure, or hybrid systems, they would need a third-party tool such as Palo Alto Prisma Cloud, which provides various services and can integrate well, especially from a security perspective. I have worked with Palo Alto and completed their CSPM certification. My overall rating for Google Cloud Security Command Center is seven and a half out of ten.
Security Consultant at a consultancy with 51-200 employees
Consultant
Top 10
Jul 3, 2024
I would recommend using it but only if you have analysts who understand Google Cloud. If you have an external SOC who doesn't, maybe wait and look for something more widely used. If you're specialized in GCP and have a competent SOC, go for it. I like it to some degree, but not as much as AWS and Azure. Overall, I would rate the product a six out of ten, with ten being the best.
Infosec Module Lead at a tech vendor with 201-500 employees
Real User
Top 5
Apr 11, 2024
In terms of identifying, the solution is pretty good. It takes care of all the layers. We have Cloud, Kubernetes cluster, instances running, and network. We have identities, permissions, and access. It provides pictures of everything in GCP. There's no such integration required. There are Google APIs that you need to enable. The compliance reporting feature helped us maintain a baseline of compliance within the information security policies. It's pretty stable and scalable. However, visibility can be improved along with automation. SCC to provide an option to fix those things, perhaps by clicking a button. For example, if a firewall rule allows an application to accept HTTP traffic, I should be able to address that specific issue directly within the interface. It's just a regular call to action button. There are no prerequisites for the solution. It's a requirement to have good security visibility into your Google Cloud Infrastructure. Cloud Security Command Center could be a good product to consider. There are other open-source solutions available. There are solutions from Aqua that are pretty decent. I would recommend that if somebody is opting for SCC, they should also explore open-source solutions. Open-source solutions can be very beneficial, especially if they are pursuing a multi-cloud strategy. You won't need additional security tools for platforms like AWS or others. Whenever a security issue pops up, a generative AI backend provides a summary of what happened. The information provided is quite detailed. Overall, I rate the solution an eight out of ten.
Google Cloud Security Engineer at a tech services company with 11-50 employees
Real User
Nov 14, 2023
Google Security Command Center definitely offers a significant return on investment, particularly in terms of compliance. It streamlines the process for companies planning to expand, making it remarkably easy to ensure compliance with various standards. Compared to traditional methods that involve bringing in consultants, mapping assets, and extensive training, this tool allows for swift and efficient infrastructure security configurations, completing the process in a week or less. Overall, I rate the solution an eight out of ten.
Learn what your peers think about Google Cloud Security Command Center. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
Google Cloud Security Command Center streamlines security management by providing comprehensive visibility into asset security posture, empowering organizations to identify vulnerabilities and threats effectively.Google Cloud Security Command Center offers a centralized platform for organizations to manage their security landscape, providing tools like threat detection and vulnerability scanning to protect cloud assets. Users benefit from its integration capabilities and detailed reporting,...
I rate Google Cloud Security Command Center a seven and a half out of ten. While it is a ten from a security perspective, it requires improvements in areas such as operations, alerting, and automation to enhance the overall system experience. I would definitely recommend Google Cloud Security Command Center to others. They have different tiers in GCP, with support being one key aspect, making it a reliable system that can meet various needs with strong service options, especially for businesses or research-focused projects. I would recommend using Google Cloud Security Command Center if a customer has only Google-related environments. However, for customers with AWS, Azure, or hybrid systems, they would need a third-party tool such as Palo Alto Prisma Cloud, which provides various services and can integrate well, especially from a security perspective. I have worked with Palo Alto and completed their CSPM certification. My overall rating for Google Cloud Security Command Center is seven and a half out of ten.
I would recommend using it but only if you have analysts who understand Google Cloud. If you have an external SOC who doesn't, maybe wait and look for something more widely used. If you're specialized in GCP and have a competent SOC, go for it. I like it to some degree, but not as much as AWS and Azure. Overall, I would rate the product a six out of ten, with ten being the best.
In terms of identifying, the solution is pretty good. It takes care of all the layers. We have Cloud, Kubernetes cluster, instances running, and network. We have identities, permissions, and access. It provides pictures of everything in GCP. There's no such integration required. There are Google APIs that you need to enable. The compliance reporting feature helped us maintain a baseline of compliance within the information security policies. It's pretty stable and scalable. However, visibility can be improved along with automation. SCC to provide an option to fix those things, perhaps by clicking a button. For example, if a firewall rule allows an application to accept HTTP traffic, I should be able to address that specific issue directly within the interface. It's just a regular call to action button. There are no prerequisites for the solution. It's a requirement to have good security visibility into your Google Cloud Infrastructure. Cloud Security Command Center could be a good product to consider. There are other open-source solutions available. There are solutions from Aqua that are pretty decent. I would recommend that if somebody is opting for SCC, they should also explore open-source solutions. Open-source solutions can be very beneficial, especially if they are pursuing a multi-cloud strategy. You won't need additional security tools for platforms like AWS or others. Whenever a security issue pops up, a generative AI backend provides a summary of what happened. The information provided is quite detailed. Overall, I rate the solution an eight out of ten.
Google Security Command Center definitely offers a significant return on investment, particularly in terms of compliance. It streamlines the process for companies planning to expand, making it remarkably easy to ensure compliance with various standards. Compared to traditional methods that involve bringing in consultants, mapping assets, and extensive training, this tool allows for swift and efficient infrastructure security configurations, completing the process in a week or less. Overall, I rate the solution an eight out of ten.