Google Cloud Security Audit
The Google Cloud offers a wide range of services, some of which can be very closely interlinked. There are also a variety of security settings that can be made to make the environment as secure as possible. The complex authorization concepts alone, which can be changed not only by humans but also by machines and automated processes, result in a high degree of complexity. This can easily lead to security problems that potential attackers can exploit.
NSIDE offers a comprehensive audit of the security-relevant configuration of Google Cloud environments or projects and the services and accounts used. This focuses on settings that have a direct or indirect influence on the security of cloud resources or the data processed there. This includes in particular, but is not limited to: access rights to cloud resources for third parties; IAM (user accounts, rights, policies, roles), the most important services (e.g. Compute Engine, Cloud Storage, Cloud CDN, Kubernetes Engine), firewalling, general isolation against unwanted access from the Internet, monitoring & alerting, as well as lateral movement options within the Google Cloud environment through machine roles and automated processes.