Introduction

Cloud computing has changed how businesses operate by providing flexible and scalable infrastructure. Running applications in the cloud, however, brings security challenges that organizations must address. Vulnerabilities in web applications can lead to data breaches and unauthorized access. To help find them, GCP offers the Cloud Web Security Scanner, a useful tool for identifying and fixing vulnerabilities in your apps. 💻

The scanner works by crawling your application, sending crafted requests and analyzing the responses. It checks for issues such as outdated libraries and injection flaws like SQL injection or cross-site scripting (XSS). Because it exercises the running application (a dynamic, black-box test) it can find flaws that static analysis or code review miss. Only run the scan against a test or staging environment: the scanner follows links and submits forms, so it can create, modify or delete data and trigger whatever actions your app exposes. Currently, Java, Python, Go, and PHP are supported. 🛠️

Create new scan 🔍

Navigate to the Security section of the GCP console, choose Web Security Scanner and create a new scan:

Create new scan

You can set a starting URL, exclude URLs (for example logout or delete endpoints that would end the session or destroy test data), and configure authentication if a login is required to reach all parts of your app.

Scheduling the scan does not run it immediately. It is queued and started later, and the wait depends on system load: it can range from a few minutes to several hours. Usually, it just takes a few minutes for me until the scan starts.
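The console steps above (starting URL, exclusions, authentication, schedule, SCC export) map onto one ScanConfig object. The following is an added example, not code from the post or from Google: it builds that object for the `projects.scanConfigs.create` REST call and refuses to build it when a starting URL points at a production host, which is the "test environment only" rule from above enforced in code. The field names are the v1 API names as I recall them and the 5-20 maxQps bounds are likewise from memory; verify both against the current reference. The host patterns, exclusion patterns and hostnames are assumptions for the example.

```python
import json
import os
import re
from urllib.parse import urlparse

# Hosts the scanner must never be pointed at (assumed patterns for this example).
# The scanner submits forms and follows links, so it can change or delete data.
PRODUCTION_HOST_PATTERNS = (
    re.compile(r"^(www\.)?example\.com$"),
    re.compile(r"\.prod\.example\.com$"),
)

# URL patterns excluded by default even in staging (assumed examples): endpoints
# whose side effects would end the session or destroy the test data.
DEFAULT_EXCLUSIONS = (
    "https://*/logout*",
    "https://*/account/delete*",
)


def assert_safe_target(url: str) -> str:
    """Refuse anything that is not an https URL on a non-production host."""
    parsed = urlparse(url)
    if parsed.scheme != "https" or not parsed.hostname:
        raise ValueError(f"starting URL must be https with a host: {url!r}")
    for pattern in PRODUCTION_HOST_PATTERNS:
        if pattern.search(parsed.hostname):
            raise ValueError(f"refusing to scan production host {parsed.hostname}")
    return url


def build_scan_config(display_name, starting_urls, *, login_url=None,
                      username=None, password=None, extra_exclusions=(),
                      interval_days=7, max_qps=10):
    """Build the ScanConfig body for projects.scanConfigs.create.

    Field names follow the Web Security Scanner v1 REST API as I recall them
    (assumed); check them against the current API reference before use.
    """
    if not 5 <= max_qps <= 20:  # API bounds as I recall them (assumed)
        raise ValueError("maxQps must be between 5 and 20")
    config = {
        "displayName": display_name,
        "startingUrls": [assert_safe_target(u) for u in starting_urls],
        "blacklistPatterns": list(DEFAULT_EXCLUSIONS) + list(extra_exclusions),
        "maxQps": max_qps,
        # Recurring scan; the server fills in scheduleTime after each run.
        "schedule": {"intervalDurationDays": interval_days},
        # Push findings into SCC so they can be routed onward via Pub/Sub.
        "exportToSecurityCommandCenter": "ENABLED",
    }
    if login_url:
        if not (username and password):
            raise ValueError("custom account login needs username and password")
        # The login URL is scanned too, so it gets the same production check.
        # Use a dedicated test account with the minimum privileges needed.
        config["authentication"] = {
            "customAccount": {
                "username": username,
                "password": password,
                "loginUrl": assert_safe_target(login_url),
            }
        }
    return config


if __name__ == "__main__":
    # The password comes from the environment rather than the source file.
    body = build_scan_config(
        "staging-shop weekly",
        ["https://staging-shop.example.com/"],
        login_url="https://staging-shop.example.com/login",
        username="scanner-test-user",
        password=os.environ.get("SCANNER_TEST_PASSWORD", "changeme"),
        extra_exclusions=["https://staging-shop.example.com/admin/*"],
    )
    print(json.dumps(body, indent=2))
```

The production check is deliberately a deny-list on hostnames rather than an allow-list on a single staging host, so the same helper can serve several staging environments; if your naming is consistent, an allow-list is the stricter choice.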

The duration of the scan depends on the size of your application. If it exposes many URLs, the scan may take several hours, since the scanner has to crawl each URL and test its parameters and forms for potential vulnerabilities.

Once the scan is completed you will see all results in the scan overview.

You can also have the findings exported to Security Command Center (SCC) automatically. From there an SCC notification config can forward them to a Pub/Sub topic, so you can process them programmatically and take action, for example opening a ticket or alerting on injection findings.

Findings in SCC
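The following is an added example of the Pub/Sub processing mentioned above; it is not code from the post or from Google. It takes the JSON body that a Pub/Sub push subscription delivers, unwraps the SCC notification inside it, and decides what to do with the finding: injection-class categories page someone, hygiene findings become a ticket, anything already resolved is ignored, and malformed messages are flagged rather than retried forever. The notification envelope shape (`notificationConfigName`, `finding`, `resource`) and the finding fields are the SCC ones as I recall them, the `sourceProperties` keys and the category list are assumptions, and the sample notification is constructed for this example.

```python
import base64
import copy
import json

# Subset of the categories Web Security Scanner reports into SCC (assumed)
# and where each should go. Injection-class findings wake someone up;
# hygiene findings become a ticket; everything else gets a human review.
ROUTING = {
    "XSS_CALLBACK": "page-oncall",
    "XSS_ERROR": "page-oncall",
    "SQL_INJECTION": "page-oncall",
    "SERVER_SIDE_REQUEST_FORGERY": "page-oncall",
    "OUTDATED_LIBRARY": "ticket",
    "MIXED_CONTENT": "ticket",
    "CLEAR_TEXT_PASSWORD": "ticket",
}

# Constructed sample of one SCC notification for a scanner finding.
SAMPLE_NOTIFICATION = {
    "notificationConfigName": "organizations/123456/notificationConfigs/wss-findings",
    "finding": {
        "name": "organizations/123456/sources/7890/findings/f1",
        "category": "XSS_CALLBACK",
        "state": "ACTIVE",
        "severity": "HIGH",
        "resourceName": "//appengine.googleapis.com/apps/staging-shop",
        "eventTime": "2023-06-01T10:00:00Z",
        "sourceProperties": {  # key names assumed for this example
            "finalUrl": "https://staging-shop.example.com/search",
            "fuzzedUrl": "https://staging-shop.example.com/search?q=%3Cscript%3E",
            "httpMethod": "GET",
            "vulnerableParameters": "q",
        },
    },
    "resource": {
        "name": "//appengine.googleapis.com/apps/staging-shop",
        "projectName": "projects/staging-shop",
    },
}


def make_push_envelope(notification, message_id="1"):
    """Wrap a notification the way Pub/Sub push delivery does (constructed)."""
    data = base64.b64encode(json.dumps(notification).encode()).decode()
    envelope = {
        "message": {"data": data, "messageId": message_id},
        "subscription": "projects/staging-shop/subscriptions/wss-triage",
    }
    return json.dumps(envelope).encode()


def with_finding(notification, **fields):
    """Copy of a notification with some finding fields overridden (test helper)."""
    copied = copy.deepcopy(notification)
    copied["finding"].update(fields)
    return copied


def triage_push_message(body):
    """Decode one push delivery and return a routing decision for the finding."""
    try:
        envelope = json.loads(body)
        notification = json.loads(base64.b64decode(envelope["message"]["data"]))
        finding = notification["finding"]
        name = finding["name"]
    except (KeyError, ValueError) as exc:
        # Not a notification we understand: ack it (returning normally) so it is
        # not redelivered indefinitely, but surface it for investigation.
        return {"route": "malformed", "error": str(exc)}

    props = finding.get("sourceProperties", {})
    if finding.get("state") != "ACTIVE":
        route = "ignore"  # resolved or muted; nothing to do
    else:
        route = ROUTING.get(finding.get("category"), "review")

    return {
        "route": route,
        "finding": name,
        "category": finding.get("category"),
        "severity": finding.get("severity"),
        "url": props.get("fuzzedUrl") or props.get("finalUrl"),
        "parameter": props.get("vulnerableParameters"),
        "project": notification.get("resource", {}).get("projectName"),
    }


if __name__ == "__main__":
    print(triage_push_message(make_push_envelope(SAMPLE_NOTIFICATION)))
```

In a real push endpoint the function would be called from the HTTP handler and the dispatch (pager, ticket system) done on the returned decision; keep the handler idempotent on `messageId`, because Pub/Sub delivers at least once and a rescan reopens the same finding name.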

Conclusion 💭

GCP's Cloud Web Security Scanner is a useful tool for detecting vulnerabilities in your apps. However, the scanning procedure can be cumbersome and slow. ⏳ The queueing delay before a scan starts, combined with the potentially long runtime for large applications, means that finding and addressing vulnerabilities is not a quick feedback loop. Scheduled, routine scans rather than on-demand runs are therefore the more practical way to use it. 🔄

It is also important to keep in mind that the tool may find fewer vulnerabilities than dedicated scanners or a manual penetration test. 🛡️ It tests the running application and covers a fixed set of issue classes, so its effectiveness in finding security flaws is limited.

Despite these drawbacks, the Cloud Web Security Scanner is a practical choice for teams already on GCP, particularly as one layer alongside other security measures such as code review, dependency scanning and penetration testing; on its own it does not provide complete protection for cloud apps. 🔒
