Audit Google Cloud Platform in Tenable.io

Tenable offers the ability to audit the Google Cloud Platform (GCP) environment to detect misconfigurations in the cloud environment and account settings using Tenable.io. Complete the following steps to audit GCP in Tenable.io.

For more information on the GCP audit, see Google Cloud Platform (Nessus Compliance Checks) in the Compliance Checks Reference.

Before you begin:

Note: No pre-authorization is needed from Google to perform the audit, but a Google Cloud Platform account is required.

To audit GCP in Tenable.io:

  1. Log in to Tenable.io.
  2. Click New Scan.

    The My Scans page appears.

  3. Select the Audit Cloud Infrastructure template.

    The Audit Cloud Infrastructure page appears.

  4. In the Name box, type a descriptive name for the scan.
  5. (Optional) In the Description box, enter information to describe your scan.
  1. Click Compliance.

  2. Click Google Cloud Platform.

    Tenable offers pre-configured compliance checks and provides the ability to upload a custom GCP audit file.

    Note: For information on creating a custom audit, see Google Cloud Platform (Nessus Compliance Checks) in the Nessus Compliance Checks Reference Guide.

  3. Click each compliance check you want to add to the scan.
  4. If you choose to add a custom audit file, click Add File and select the file to upload.

  1. Click Credentials.

  2. Click Google Cloud Platform.

  3. Click Add File and select the JSON key file downloaded during step 11 of Configure Google Cloud Platform for a Compliance Audit.

  4. Configure the credentials for your selected authentication method.

  5. Click Save.

  6. Click the drop-down arrow next to Save and select Launch to initiate the scan.

Note: For additional information on configuring Tenable.io scans, refer to the Tenable.io User Guide.