Status Update
No update yet.
Comments
ba...@google.com
ma...@google.com
Thank you for reporting this issue.For us to further investigate this issue, please provide the following additional information:
Please provide the bugreport immediately after the issue is reproduced.We need bugreport to investigate this issue.
Android bug report (to be captured after reproducing the issue)
For steps to capture a bug report, please refer:https://developer.android.com/studio/debug/bug-report#bugreportdevice
Alternate method:
Navigate to “Developer options”, ensure “USB debugging” is enabled, then enable “Bug report shortcut”. Capture bug report by holding the power button and selecting the “Take bug report” option.
Note: Please upload the files to google drive and share the folder to android-bugreport@google.com, then share the link here.
Please provide the bugreport immediately after the issue is reproduced.We need bugreport to investigate this issue.
Android bug report (to be captured after reproducing the issue)
For steps to capture a bug report, please refer:
Alternate method:
Navigate to “Developer options”, ensure “USB debugging” is enabled, then enable “Bug report shortcut”. Capture bug report by holding the power button and selecting the “Take bug report” option.
Note: Please upload the files to google drive and share the folder to android-bugreport@google.com, then share the link here.
Description
Customer Google Security Command Center (SCC) want to differentiate vulnerabilities detected in Google Managed Services from those in their own resources.
Currently, SCC does not provide a clear way to filter or categorize vulnerabilities based on whether they originate from a Google Managed Service or customer-managed services.
This lack of differentiation makes it difficult for customers to:
Prioritize remediation efforts by focusing on vulnerabilities they are responsible for addressing.
Gain a clear understanding of their overall security posture.
Avoid spending time investigating vulnerabilities in Managed Services that are Google's responsibility.
Desired Functionality:
Vulnerability Tagging: SCC should automatically tag or label vulnerabilities detected in Google Managed Services.
Filtering Capability: SCC should provide filtering options that allow users to:
Filter out vulnerabilities from Managed Services.
Filter for vulnerabilities in Managed Services.
Filter for vulnerabilities in customer-managed resources.
Clear Identification: The tagging or labeling mechanism should clearly identify the Managed Service associated with the vulnerability.