This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

SCC - Attack path simulation using SA SYSTEM_MANAGED Keys

Posted on 08-09-2023 03:03 AM
pfilourenco
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

Hi,

Attack path simulation is using SA SYSTEM_MANAGED keys to represent as a possibility, this is something that we as user's can't do anything, since any SA without USER_MANAGED key have always a SYSTEM_MANAGED key.

Is this something expected? 


Any solution to avoid this keys on the simulation?

 

BR,

Pedro Lourenço

Solved Solved
7 2 669
Topic Labels
Jump to Solution
2 ACCEPTED SOLUTIONS

Posted on --/--/---- --:-- AM
dionv
Staff
Reply posted on --/--/---- --:-- AM

Hello @pfilourenco ,

Here is according to Mahesh "Google Cloud’s advanced attack simulation engine leverages our first-party, agentless visibility of Google Cloud assets, the relationships between assets, and the current state of defenses. Attack path simulation is fully automated with no need to manually run queries. Simulations run in the Google Cloud environment, and do not send snapshots outside your environment, avoiding exposure of sensitive information."

You can check this documentation for reference.

View solution in original post

Jump to Solution

Posted on --/--/---- --:-- AM
pfilourenco
Bronze 5
Bronze 5
In response to dionv
Reply posted on --/--/---- --:-- AM

@dionv that is not a "Solved" answer for my question...
After this question I opened a ticket and Google Cloud resolved the problem, removing the SA SYSTEM_MANAGED keys from the attack simulation engine.

View solution in original post

Jump to Solution
2 REPLIES 2

Posted on --/--/---- --:-- AM
dionv
Staff
Reply posted on --/--/---- --:-- AM

Hello @pfilourenco ,

Here is according to Mahesh "Google Cloud’s advanced attack simulation engine leverages our first-party, agentless visibility of Google Cloud assets, the relationships between assets, and the current state of defenses. Attack path simulation is fully automated with no need to manually run queries. Simulations run in the Google Cloud environment, and do not send snapshots outside your environment, avoiding exposure of sensitive information."

You can check this documentation for reference.

Jump to Solution

Posted on --/--/---- --:-- AM
pfilourenco
Bronze 5
Bronze 5
In response to dionv
Reply posted on --/--/---- --:-- AM

@dionv that is not a "Solved" answer for my question...
After this question I opened a ticket and Google Cloud resolved the problem, removing the SA SYSTEM_MANAGED keys from the attack simulation engine.

Jump to Solution