Integration Guide for GCP
This guide provides instructions for integrating AlphaSOC with your Google Cloud Platform (GCP) environment. It outlines the complete workflow, from telemetry ingestion to receiving findings.
To fully integrate AlphaSOC with your GCP infrastructure:
- Configure one or more supported GCP data origins for security monitoring.
- Configure GCS resources for telemetry storage and submission to AlphaSOC. For detailed setup instructions, refer to the GCS Setup Guide.
- Configure findings transport via your preferred GCP service.
GCP Data Origins
AlphaSOC collects and analyzes telemetry from the following GCP services:
- Cloud DNS: DNS query logs for domain-based threat detection.
- Kubernetes Engine: Kubernetes cluster activity and security events.
- Security Operations: Security findings and asset data across GCP resources.
- VPC Flow Logs: Network traffic flows between VPC resources.
Escalating Findings Transport via GCP
After processing telemetry, AlphaSOC delivers findings through two primary GCP services:
- Google BigQuery: Serverless data warehouse.
- Security Operations (PLANNING): Centralized security management platform.
Additional Guidance
Need help integrating AlphaSOC into your GCP environment? Contact us.