A company wants to detect and prioritize vulnerabilities in their Compute Engine VMs and GKE clusters. They also need a centralized view of security findings across their organization. Which service should they use?
SCC provides vulnerability scanning and centralized security management.
Why this answer
Security Command Center (SCC) is the central vulnerability and threat detection service for GCP. It finds misconfigurations, vulnerabilities, and threats across services like Compute Engine and GKE, and provides a dashboard for prioritization. Chronicle is a SIEM for log analysis, not vulnerability scanning.
Cloud IDS is for network intrusion detection. Web Risk API is for checking URLs against threat lists.