← Back to all integrations
Automate compliance management for critical infrastructure services.
InstallInstall

Google Cloud

Services Automated

  • Google Container Registry (GCP)

Automate Asset Inventories

Once you integrate your GCP accounts with Comply, Comply will display the GCR resources, such as the container repos owned by that AWS account. Comply gives you visibility into your GCP resources and simplifies the process of identifying your asset inventory by automatically updating and tagging "Container Repo" assets in Comply.

Automate asset-based procedures

Comply makes it easy to stay on top of your governance and compliance processes through automated asset-based procedures. You can configure procedures in Comply to automatically trigger tickets whenever it detects a new or an inactive asset. For example, Comply can automatically trigger a ticket with your data deletion procedure to ensure data is deleted from backups and snapshots within 60 days when it detects that a container repo has been deactivated in your GCP account.

Automate evidence collection

Comply will scan GCR to ensure that security measures are correctly implemented (see the Automations table below for the full scope of what evidence is automatically collected).

Automate issue detection

When a Comply scan identifies something that's against common security practices, the Automation will create an issue. These issues can be automatically tracked and have reminders to help expedite remediation.

Automate remediation

When an issue is automatically identified and logged in Comply the resolution of that issue is automated by re-syncing. Simply fix the issue at the source and when the assets are synced to Comply again the issue will be resolved and removed.

Automations

Container Vulnerability Scanning

Container Vulnerability Scanning

  • A.12.6.1
  • CC7.1
  • 6.1
  • 11.2.3
  • 11.2.2
  • 11.2.1
  • PR.IP-12
  • DE.CM-8
  • RA-5 (5)
  • RA-5
  • RA-5 (3)
Container Image Vulnerability Scan

Container Image Vulnerability Scan

  • A.12.6.1
  • CC7.1
  • 6.1
  • 11.2.3
  • 11.2.2
  • 11.2.1
  • PR.IP-12
  • DE.CM-8
  • RA-5 (5)
  • RA-5
  • RA-5 (3)

How to use Aptible and GCP

  • Automatically delegate vulnerability scans reviews and other critical security and compliance tasks to relevant asset owners as container repo statuses change.
  • Keep your asset inventory up to date with real-time updates as you add container repos.
  • Tag assets coming into Comply to create automations and exceptions based on the tag categorization.
  • Automatically collect evidence and get notifications of changes in security settings on your services that put them at odds with your policies.
  • Automatically identify issues with your GCP services and initiate workflows to remediate the problems.
Assets synced
  • Container Repos
Domains Automated
  • Risk Management
Frameworks Automated
ISO 27001:2013
SOC 2
PCI
FedRAMP
NIST Cybersecurity V1.1
Requirements Automated
Integration scopes
  • Read: Containers
  • Permission: Role-based IAM user