All modules
R

AI fix guidance

Remediations

Plans that ship the fix

Every SecureMonitor finding is paired with an AI-authored remediation plan: step-by-step guidance, scoped risk, and an escalation path to a certified GCP engineer if you need one. From finding to fixed in minutes, not weeks.

Book a guided demo Compare to other modules
  • One plan per finding
    Cost, security, performance, sustainability — all categories covered.
  • Risk + severity
    Each plan tagged with risk level so engineering can prioritise safely.
  • Manual steps
    Every step spelled out — console paths, exact button labels, validation.
  • Escalation built-in
    Need help? Contact Zenta routes you to a certified GCP engineer.

Walkthrough

Inside Remediations.

What an engineer sees when they open a critical finding.

Remediation Plans
AI-powered security and cost remediation
Remediation Plan
Search remediations…
All (1878)Cost (8)Security (1870)Vulnerability (0)Performance (0)Manageability (0)Sustainability (0)Reliability (0)
  • Remove Broad Public IP RangesCRITICALSECURITY

    Cloud SQL instance ‘acme-orders-mysql’ has broad public IP ranges authorized, which could expose it to unauthorized access…

    RC-dcecc6390af4READY TO START
  • Address Codeception Deserialization VulnerabilityCRITICALSECURITY

    The codeception/codeception package is vulnerable to deserialization of user input, which may lead to arbitrary comman…

    SF-f25156f7a73dbREADY TO START
  • Restrict Ingress Traffic Firewall RuleCRITICALSECURITY

    The firewall rule ‘default-allow-https’ allows ingress traffic from any IP address (0.0.0.0/0), which increases the attack surface…

    SF-57088e7f1023READY TO START
  • Secure Exposed Service AccountCRITICALSECURITY

    The service account billing-alerts-svc@acme-prod.iam.gserviceaccount.com exposes valued resources…

    SF-c8ee5f3aa01bREADY TO START
Total: 1878 • Page 1 of 188Previous123Next
Remove Broad Public IP Ranges

Cloud SQL instance ‘acme-orders-mysql’ has broad public IP ranges authorized, which could expose it to unauthorized access. This recommendation suggests reviewing and removing these broad ranges for enhanced security.

9
Manual Steps Required
CRITICAL
Severity
MEDIUM
Risk Level
Step-by-Step Process
  1. Navigate to the Cloud SQL instances page in the Google Cloud Console.
  2. Select project: acme-prod from the project dropdown.
  3. Click on the instance named ‘acme-orders-mysql’ in the list.
  4. Go to the ‘Connections’ tab.
  5. Navigate to the ‘Networking’ tab.
  6. In the ‘Authorized networks’ section, review the list of authorized networks.
  7. Identify and remove any broad public IP ranges such as 0.0.0.0/0.
  8. Click ‘Save’ to apply the changes.
  9. Verify that the instance is no longer exposed to broad public IP ranges.

Why this exists

60% of organisations that suffered a breach cited a known, unpatched vulnerability as the root cause. The fix existed. The execution didn't.

Ponemon Institute / Cost of a Breach 2024

/01
Authoring at scale

AI writes the plan. A human signs off.

Pulse generates the plan from the finding's metadata, then routes anything novel through a certified engineer for review before publishing.

/02
Time compression

Hours of research collapsed to minutes of execution.

Open the plan, follow the steps, validate, close. The same fix that takes a junior engineer half a day takes minutes.

/03
CloudCare layer

Stuck? Hand it to us.

Every plan ships with a Contact Zenta Team button. Our certified GCP engineers can implement the fix on your behalf — that's the CloudCare support layer baked into the platform.

Pairs with

Remediations doesn't work alone.

S
Posture
SecureMonitor
Severity-driven triage on top of SCC. A 30-day trend tells you if posture is improving.
O
AI assistant
Ollie
Asks your environment, not the documentation. Pulls live data into every reply.
Live walkthrough

See Pulse in action,
today!

We walk you through every Pulse module — BillPulse, SecureMonitor, PulseArc, Ollie, Killswitch — on a representative GCP environment loaded with realistic data, together with a certified engineer from the D3V team. About 30 minutes.

Book a demoOr take the self-guided tour

What you'll see in the demo

  • 01Daily cost intelligence — daily run-rate, monthly forecast, and gross-vs-net at the project grain.
  • 02Severity-ranked SCC findings with the matching AI remediation plan one click away.
  • 03An interactive PulseArc map of resources with security overlay — a live document, not a drawing.
  • 04Ollie answering plain-English questions about a realistic GCP environment, with sources.
hello@d3vtech.com~24h reply
Free Cloud Security AssessmentSeparate offering

A one-off, no-charge audit that surfaces critical SCC findings in your GCP — a complimentary service from D3V to help teams understand their security gaps before adopting Pulse.

Get in touch