NOTE: This feature is no longer supported, but the Cloudflare Security Center may offer some solutions for your needs.
How great would it be to have a dashboard with a holistic view of threats, malicious server activity, vulnerabilities, sensitive data access levels and a daily scan of resources across all of your applications and services? Now you can.
Cloudflare is thrilled to announce its integration with Cloud Security Command Center (Cloud SCC) for Google Cloud Platform: A security and data risk platform helping enterprises gather data, identify threats, and act on them before they result in business damage or loss.
The advantage of the Cloud SCC solution is that it surfaces insights from both the Google Cloud Platform, as well as Cloudflare’s edge, in a unified dashboard.
What Cloudflare data is visible within the Cloud SCC dashboard?
Through Cloudflare’s API endpoints, data is pushed to Google’s Cloud SCC dashboard and domain name information mapped to the appropriate Google Cloud asset. Cloudflare’s branded card in the Cloud SCC dashboard is automatically populated with a summary of top theat origins, top types of threats, and latest Web Application Firewall (WAF) events.
To view a full list of Cloudflare events, click on the Cloudflare card in Cloud SCC and it will take you to a “Cloudflare Findings” page. From there, you can select a time period of visible events. The “Findings” table shows what type of event, when it happened, and which asset (website, application, or API) was involved.
Every Cloudflare finding offers detailed information, including: country source, IP source of original request, requested Hostname, requested URI, User Agent, protocol type, method (GET/POST), action taken, rule triggered, and more.
Cloudflare’s findings in the Cloud SCC dashboard highlight which requests were blocked or challenged, and why. To take action on this data, you’ll need to login to your Cloudflare dashboard (link available directly from within Cloud SCC) or configure changes through the Cloudflare API.