Using Security Marks in Security Command Center

vaskenh · 04-29-2025 10:03 AM

Security Marks are a unique concept in Security Command Center. They allow us to annotate assets or findings in SCC with additional business context. You can apply Security Marks to both Assets and Findings.

To apply Security Marks, you'll need one or both of the following permissions depending on whether you'll be applying Security Marks to assets, to findings, or both.

For Asset Security Marks: Asset Security Marks Writer, securitycenter.assetSecurityMarksWriter
For Finding Security Marks: Finding Security Marks Writer, securitycenter.findingSecurityMarksWriter

You can add a Security Mark to an asset by navigating to the Assets view in Security Command Center and then selecting one or more assets. Click the Set Security Marks button.

Security Marks take the form of key-value pairs. Here is an example of configuring a Security Mark to add the key/value pair of stage/prod to an asset.

To learn more about Security Marks in Security Command Center, see our full documentation for this feature below.

EG-421

The SHA "allowlist" functionality was deprecated a year ago, with a "should stop working for everyone" date of 15/04/2025.
Funny thing to be posting about?

vaskenh

Thanks for pointing this out @EG-421. I've removed the overview of the allow-list functionality above and will also file a documentation update to make sure that the deprecation warning is consistent across all of the documentation.