Stay organized with collections
Save and categorize content based on your preferences.
The Risk section in the Google Cloud console helps you to manage the highest
profile risks in your cloud environment.
The Overview page serves as your first contact security dashboard,
highlighting the highest priority risks in your cloud environments. You can view
multiple domains in Overview by selecting one of the following views:
The All risk dashboard surfaces the following high-priority security risks
across your cloud environments:
Riskiest issues, which shows at-a-glance information for your top
issues, including simplified
attack paths or evidence diagrams.
Recent Google Cloud threats that are active in your cloud environments.
High-impact, exploitable vulnerabilities, prioritized by the resources
impacted by them.
The dashboard also displays your progress in Compliance, like NIST, HIPAA,
PCI-DSS, and CIS, reported as a percentage of how many controls are passing.
In most cases you can interact with individual high priority risks for a brief
summary, continue on to a more detailed view of each risk, or view all risks of
a specific type.
Vulnerabilities dashboard
The Vulnerabilities dashboard gives insights into virtual machines and
containers with exploitable vulnerabilities across your cloud environments. The
dashboard displays the following information:
Top common vulnerabilities and exploits. Displays a clickable quadrant
heatmap to help you filter vulnerabilities by
exploitability
and impact (risk
rating).
The number of unique resources affected, and the findings related to those
resources are shown in a table after the heatmap. Each unique resource might
have more than one finding.
To reset the heatmap, click a heatmap cell again.
Most common critical exploitable vulnerabilities. A list of highly
exploitable vulnerabilities found in your cloud environments, prioritized by
the total number of unique resources impacted by them.
Expand a CVE section to view its descriptions, which are findings related to
the CVE and the resources they affect. Because different findings can affect
the same resource, the sum of all resource counts in the expanded
description might be greater than the unique resource count in the heading
row.
Containers with exploitable vulnerabilities. A list of containers with
exploitable vulnerabilities, where the vulnerability exploitation
activity
rating is available, confirmed, or wide and the risk rating
is critical, based on the assessment of Google Threat Intelligence. The
list is ordered by attack exposure
score, then by largest number of
impacted resources.
Latest compute vulnerabilities with known exploits. A list of
Compute Engine virtual machine instances that have exploitable
vulnerabilities with findings that belong to the OS_VULNERABILITY or
SOFTWARE_VULNERABILITY category.
From here you can check the following:
The attack exposure score of the exploit. Click the score to see the
attack paths to your exposed high-value
resources.
The AI Security dashboard (Preview) provides a
high-level view of your AI security posture.
The dashboard displays the following sections:
Riskiest AI Issues: View top risks in your AI inventory, prioritized by
the highest attack exposure scores.
Click any issue to see details.
AI Inventory: Get an overview of projects with generative AI activity,
models used, and datasets. Click nodes for details. If
Sensitive Data Protection is enabled, the dashboard indicates if datasets
contain sensitive data.
Findings: Assess and manage findings generated by AI security and data
security policies.
Sensitive data in Vertex AI datasets: Assess and manage findings of
sensitive data in Vertex AI datasets.
Model Armor Findings: View a graph of prompts and responses that are scanned by
Model Armor, with detected issues such as prompt injection
and sensitive data detection.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-03 UTC."],[],[],null,["# Assess risk at a glance\n\n| Enterprise [service tier](/security-command-center/docs/service-tiers) (requires [organization-level activation](/security-command-center/docs/activate-scc-overview#overview_of_organization-level_activation))\n\nThe **Risk** section in the Google Cloud console helps you to manage the highest\nprofile risks in your cloud environment.\n\nThe **Overview** page serves as your first contact security dashboard,\nhighlighting the highest priority risks in your cloud environments. You can view\nmultiple domains in **Overview** by selecting one of the following views:\n\n- [All risk](#all-risk)\n- [Vulnerabilities](#vulnerabilities)\n- [Code](#code)\n- [AI security](#ai-protection) ([Preview](/products#product-launch-stages))\n\nAll risk dashboard\n------------------\n\nThe **All risk** dashboard surfaces the following high-priority security risks\nacross your cloud environments:\n\n- **Riskiest issues** , which shows at-a-glance information for your top [issues](/security-command-center/docs/issues-overview), including simplified attack paths or evidence diagrams.\n- **Recent Google Cloud threats** that are active in your cloud environments.\n- **High-impact, exploitable vulnerabilities**, prioritized by the resources impacted by them.\n\nThe dashboard also displays your progress in **Compliance**, like NIST, HIPAA,\nPCI-DSS, and CIS, reported as a percentage of how many controls are passing.\n\nIn most cases you can interact with individual high priority risks for a brief\nsummary, continue on to a more detailed view of each risk, or view all risks of\na specific type.\n\nVulnerabilities dashboard\n-------------------------\n\nThe **Vulnerabilities** dashboard gives insights into virtual machines and\ncontainers with exploitable vulnerabilities across your cloud environments. The\ndashboard displays the following information:\n\n- **Top common vulnerabilities and exploits** . Displays a clickable quadrant\n heatmap to help you filter vulnerabilities by\n [exploitability](/security-command-center/docs/reference/rest/v2/organizations.sources.findings#exploitationactivity)\n and impact [(risk\n rating)](/security-command-center/docs/reference/rest/v2/organizations.sources.findings#riskrating).\n The number of unique resources affected, and the findings related to those\n resources are shown in a table after the heatmap. Each unique resource might\n have more than one finding.\n\n To reset the heatmap, click a heatmap cell again.\n- **Most common critical exploitable vulnerabilities**. A list of highly\n exploitable vulnerabilities found in your cloud environments, prioritized by\n the total number of unique resources impacted by them.\n\n Expand a CVE section to view its descriptions, which are findings related to\n the CVE and the resources they affect. Because different findings can affect\n the same resource, the sum of all resource counts in the expanded\n description might be greater than the unique resource count in the heading\n row.\n- **Containers with exploitable vulnerabilities** . A list of containers with\n exploitable vulnerabilities, where the vulnerability [exploitation\n activity](/security-command-center/docs/reference/rest/v2/organizations.sources.findings#exploitationactivity)\n rating is `available`, `confirmed`, or `wide` and the [risk rating](/security-command-center/docs/reference/rest/v2/organizations.sources.findings#Finding.RiskRating)\n is `critical`, based on the assessment of Google Threat Intelligence. The\n list is ordered by [attack exposure\n score](/security-command-center/docs/attack-exposure-learn), then by largest number of\n impacted resources.\n\n- **Latest compute vulnerabilities with known exploits** . A list of\n Compute Engine virtual machine instances that have exploitable\n vulnerabilities with findings that belong to the `OS_VULNERABILITY` or\n `SOFTWARE_VULNERABILITY` category.\n\n From here you can check the following:\n - The attack exposure score of the exploit. Click the score to see the attack paths to your exposed [high-value\n resources](/security-command-center/docs/attack-exposure-learn#high-value_resources).\n - How many [configured high-value resources](/security-command-center/docs/attack-exposure-learn#resource-value-configurations) have been exposed due to the vulnerability, that have a [priority](/security-command-center/docs/attack-exposure-learn#priority-values-manual) of `HIGH`, `MEDIUM`, or `LOW`.\n - The **Exploit release date**, which is when the vulnerability was announced.\n - The **First available date**, which is when an exploit was first observed.\n - The [level of exploitability](/security-command-center/docs/reference/rest/v2/organizations.sources.findings#exploitationactivity) of the vulnerability.\n\nCode dashboard\n--------------\n\nThe **Code** dashboard shows code vulnerabilities in your cloud environments\nfound by Snyk. To use it, you need to [set up the Snyk integration](/security-command-center/docs/how-to-configure-snyk-for-scc).\n\nYou can also [view code vulnerabilities in the Google Cloud console](/security-command-center/docs/code-security-findings-snyk).\n\nAI Security dashboard\n---------------------\n\nThe **AI Security** dashboard ([Preview](/products#product-launch-stages)) provides a\nhigh-level view of your AI security posture.\n\nThe dashboard displays the following sections:\n\n- **Riskiest AI Issues** : View top risks in your AI inventory, prioritized by the highest [attack exposure scores](/security-command-center/docs/attack-exposure-learn). Click any issue to see details.\n- **AI Inventory**: Get an overview of projects with generative AI activity, models used, and datasets. Click nodes for details. If Sensitive Data Protection is enabled, the dashboard indicates if datasets contain sensitive data.\n- **Findings**: Assess and manage findings generated by AI security and data security policies.\n- **Sensitive data in Vertex AI datasets**: Assess and manage findings of sensitive data in Vertex AI datasets.\n- **Model Armor Findings**: View a graph of prompts and responses that are scanned by\n Model Armor, with detected issues such as prompt injection\n and sensitive data detection.\n\n | **Note:** If Model Armor is not configured for any of the projects in the organization or a template is not created, the Model Armor widgets in the AI Security dashboard won't show any data. For configuration steps, see [Configure\n | Model Armor](/security-command-center/docs/configure-ai-protection#configure-model)"]]
