LogSentinel SIEM for
GCP Security Monitoring
Connect GCP to LogSentinel SIEM
Google Cloud Platform (GCP) is a leading IaaS provider used by thousands of companies for their IT infrastructure. There are multiple sources of security-relevant logs and events that should be ingested and correlated in order to gain proper visibility on the threat landscape.
With LogSentinel SIEM, you have a unified dashboard for real-time monitoring and insight across all aspects of GCP. Demonstrate compliance at reduced operational cost and minimize effort on audit, forensics and fraud detection.
Full GCP
Log Coverage
Integrate and view admin activity logs, data access audit logs, system event audit logs, VPC flow logs, Kubernetes (GKE) logs and more
Threat
Detection
LogSentinel discovers anomalous behaviour, as well as insider and cyber threats, based on rules, machine-learning and threat intelligence
Straightforward Integration
API-based integration allows you to collect events from multiple GCP sources by simply configuring GCP credentials with the proper permissions
Data Insights and Visualizations
Gain insights by analyzing correlated data from GCP and other cloud and on-premise sources with flexible custom queries and charts
GCP Security Monitoring Use Cases
Unauthorized access
Monitor authentication events and get alerted for anomalies
Configuration anomalies
Correlate admin activity logs and look for irregular patterns
Anomalous API calls
React to malicious API calls that can threaten the entire infrastructure
Suspicious IAM activity
Tackle account management and privilege escalation risks
Suspicious VPC traffic
Investigate suspicious traffic to and within your VPCs
