This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
Webinar May 29th: Log Ingestion: Bindplane + Google SecOps
Log in to ask a question

Top CVE findings on your virtual machines

Posted on 06-20-2024 03:51 AM
subrahmanyam425
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi,

I am facing issue with Security Command Center(RiskOverview) page and given detailed steps as below.

  1. I have permissions for Security Command Center(SCC) with "Enterprise" at Organization level and  "Premium" at Project level. 
  2. But I could not be able to see any information in "RiskOver" page for  "Top CVE findings on your virtual machines". 
  3. I have gone through various SCC documentations and changed IAM permissions for my account to see the information for  "Top CVE findings on your virtual machines".
  4. After trying a lot of ways, I came to here for a solution. Please suggest how to proceed further and if any other information is required from myside, please let me know. I will provide the required information.

Thanks and regards,
Subrahmanyam

0 5 722
Topic Labels
0 Likes
5 REPLIES 5

Posted on --/--/---- --:-- AM
vaskenh
Staff
Reply posted on --/--/---- --:-- AM

Hi @subrahmanyam425 .  This feature requires enabling VM Manager.  Please see the below documentation on VM Manager and the associated setup process. 

https://cloud.google.com/security-command-center/docs/concepts-security-sources#vm_manager 

0 Likes

Posted on --/--/---- --:-- AM
subrahmanyam425
Bronze 1
Bronze 1
In response to vaskenh
Reply posted on --/--/---- --:-- AM

Hi @vaskenh 

I have previously followed it and also enabled VM manager API in my current project as well but that solution did not work for me.. I was able to see all components in Risk Overview page(SCC) except the "Top CVE findings on your virtual machines". For better understanding, I am attaching a screenshot. 

For your information, I have installed xz-utils vulnerability and also see CVE under compute engine( under OS_Info). But the same(CVEs) are not reflecting in Findings page as well as "Top CVE findings on your virtual machines".

subrahmanyam425_0-1719290181209.png

 






0 Likes

Posted on --/--/---- --:-- AM
andras
Staff
In response to subrahmanyam425
Reply posted on --/--/---- --:-- AM

I was having a look through the notes on this topic and trying to narrow down where the issue maybe.

Can you see the Vulnerabilities for the instance under the VM instance details? 

Screenshot 2024-07-16 at 16.37.48.png

Can you see the Vulnerability when looking for Vulnerabilities in your Findings List?

Screenshot 2024-07-16 at 16.42.50.png

0 Likes

Posted on --/--/---- --:-- AM
siva_narla
Bronze 1
Bronze 1
In response to andras
Reply posted on --/--/---- --:-- AM

Hi Andras,

I am having the same issues, where we have enabled VM Manger and Web Security Scanner. But, I don't see OS vulnerabilities on both sections you mentioned above.

0 Likes

Posted on --/--/---- --:-- AM
andras
Staff
In response to siva_narla
Reply posted on --/--/---- --:-- AM

I would normally only expect to see Findings in SCC if the VM Manager part is enabled and running properly. If you don't see anything in the VM Manager part i would recommend trying to concentrate on that part first and verify if all the requirements (including the OS Agent) are present and met. I would recommend checking out this link for all the pre-reqs and steps and see if anything missing 

0 Likes
Top Solution Authors
View all