Network misconfigurations

VM instance without Confidential Compute feature

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

We have found that {GcpVmInstance} does not have Confidential Computing enabled. Confidential Computing enables customers' sensitive code and other data to be encrypted in memory during processing. Google does not have access to the encryption keys. Confidential VM can help alleviate concerns about risk related to either dependency on Google infrastructure or Google insiders' access to customer data in the clear.
Recommended Mitigation

Make sure Confidential Compute is enabled for the VM instance.
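
One way to run this check across a project, as an added example (not part of the original finding or the scanner's own code): the Python below takes the JSON produced by `gcloud compute instances list --format=json` and reports instances whose `confidentialInstanceConfig` does not enable Confidential Compute. The sample data is constructed, and treating a set `confidentialInstanceType` as enabled is an assumption.

```python
import json

# Constructed sample shaped like `gcloud compute instances list --format=json`.
# Project, zone and instance names are made up for this example.
_ZONE = "https://www.googleapis.com/compute/v1/projects/example-project/zones/"
SAMPLE_INSTANCES_JSON = json.dumps([
    {"name": "web-1", "zone": _ZONE + "us-central1-a",
     "confidentialInstanceConfig": {"enableConfidentialCompute": True}},
    {"name": "db-1", "zone": _ZONE + "us-central1-b"},  # config block absent
    {"name": "batch-1", "zone": _ZONE + "europe-west4-a",
     "confidentialInstanceConfig": {"enableConfidentialCompute": False}},
    {"name": "api-1", "zone": _ZONE + "us-east1-b",
     "confidentialInstanceConfig": {"confidentialInstanceType": "SEV_SNP"}},
])

_UNSET_TYPES = ("", "CONFIDENTIAL_INSTANCE_TYPE_UNSPECIFIED")


def has_confidential_compute(instance):
    """True if the instance resource reports Confidential Compute as enabled."""
    cfg = instance.get("confidentialInstanceConfig") or {}
    if cfg.get("enableConfidentialCompute") is True:
        return True
    # Assumption: an instance created with only a confidential instance type
    # (for example SEV_SNP) set is also a Confidential VM.
    return (cfg.get("confidentialInstanceType") or "") not in _UNSET_TYPES


def find_non_confidential(instances):
    """Return one finding per instance without Confidential Compute."""
    findings = []
    for inst in instances:
        if not has_confidential_compute(inst):
            findings.append({
                "name": inst.get("name", "<unnamed>"),
                # The API returns the zone as a URL; keep only the last segment.
                "zone": inst.get("zone", "").rsplit("/", 1)[-1],
            })
    return findings


def load_sample():
    """Parse the constructed sample above."""
    return json.loads(SAMPLE_INSTANCES_JSON)


if __name__ == "__main__":
    for f in find_non_confidential(load_sample()):
        print(f"{f['zone']}/{f['name']}: Confidential Compute not enabled")
```

Against a real project, pass the parsed output of the `gcloud` command to `find_non_confidential` in place of `load_sample()`.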