Notifications
Clear all
Topic starter
A customer deploys an application to App Engine and needs to check for Open Web Application Security Project (OWASP) vulnerabilities .
Which service should be used to accomplish this?
- A . Cloud Armor
B . Cloud Security Scanner
C . Binary Authorization
D . Forseti Security
Suggested Answer: B
Explanation:
Web Security Scanner identifies security vulnerabilities in your App Engine, Google Kubernetes Engine (GKE), and Compute Engine web applications. It crawls your application, following all links within the scope of your starting URLs, and attempts to exercise as many user inputs and event handlers as possible.
Currently, Web Security Scanner only supports public URLs and IPs that aren’t behind a firewall. Web Security Scanner currently supports the App Engine standard environment and App Engine flexible environments, Compute Engine instances, and GKE resources.
Reference link- https://cloud.google.com/security-command-center/docs/concepts-web-security-scanner-overview
Explanation:
Web Security Scanner identifies security vulnerabilities in your App Engine, Google Kubernetes Engine (GKE), and Compute Engine web applications. It crawls your application, following all links within the scope of your starting URLs, and attempts to exercise as many user inputs and event handlers as possible.
Currently, Web Security Scanner only supports public URLs and IPs that aren’t behind a firewall. Web Security Scanner currently supports the App Engine standard environment and App Engine flexible environments, Compute Engine instances, and GKE resources.
Reference link- https://cloud.google.com/security-command-center/docs/concepts-web-security-scanner-overview
Posted : 26/11/2022 7:10 am