Google Cloud constantly innovates and invests significantly in our capabilities to stop cyberattacks such as distributed denial-of-service attacks from taking down websites, apps, and services. It’s an essential part of protecting our customers. Our Project Shield offering, which uses Google's Cloud networking and our Global Front End infrastructure …

To build trust in the software world, developers need to be able to digitally sign their code and attest that the software their customers are downloading is legitimate and hasn’t been maliciously altered. Keys used to sign code are the cryptographic equivalent of crown jewels for many organizations …

Google Cloud is committed to ensuring that your data remains safe, secure, and firmly under your control. This begins with fortifying the very foundation of your compute infrastructure — your Compute Engine virtual machines (VMs) — with the power of Confidential Computing. Confidential Computing protects data while it’s being used …

Cloud security teams use cloud-native application protection platforms (CNAPPs) to find misconfigurations and vulnerabilities in their multi-cloud environments. While these solutions can discover thousands of potential security issues in large cloud environments, many fail to answer two fundamental cloud security questions: “Where am I most at risk?” and “What …

Welcome to the second Cloud CISO Perspectives for September 2024. Today, Google Cloud’s Vinod D’Souza and Chris Cornillie examine the vital role that CISOs play in working with cloud providers to improve their organization’s incident preparedness. As with all Cloud CISO Perspectives, the contents of this …

Security information and event management (SIEM) systems are the backbone of most security operations centers and security teams rely on them for effective threat detection, investigation, and response. We’re thrilled to share that Google has been named a Leader in the IDC MarketScape: Worldwide SIEM for Enterprise 2024 …

Introduction Password rotation is a broadly-accepted best practice, but implementing it can be a cumbersome and disruptive process. Automation can help ease that burden, and in this guide we offer some best practices to automate password rotation on Google Cloud. As an example, we share a reference architecture to …

Ask 10 cybersecurity experts to define “attribution” and they would likely provide as many different answers. The term has become an industry buzzword for the process by which evidence of a breach is converted into a public disclosure naming the attackers responsible. In reality, attribution is the result of …

Identities can be a major source of cloud risk when they’re not properly managed. Compromised credentials are frequently used to gain unauthorized access to cloud environments, which often magnifies that risk since many user and service accounts are granted access to cloud services and assets beyond their required …

To stay ahead of evolving threats, security leaders and practitioners must tap into a vital but underutilized tool to strengthen their defenses: collaboration. The power of communication and knowledge-sharing among peers can help defenders seize the advantage when fighting threat actors who repeat the same tactics, techniques, and procedures …

Stolen credentials are one of the top attack vectors used by attackers to gain unauthorized access to user accounts and steal information. At Google, we’re continually evolving security capabilities and practices to make our cloud the most trusted cloud. To help protect your organization from stolen credentials, cookie …

Welcome to the first Cloud CISO Perspectives for September 2024. Today I’m taking a look at how our initiatives to drive cybersecurity collaboration across industries, regulators and governments, IT consortia, and researchers and universities can help make everyone safer online. As with all Cloud CISO Perspectives, the contents …

Electronic Arts (EA) is a global leader in digital interactive entertainment, known for its cutting-edge games, innovative services, and powerful technologies. So when EA Sports FC, a leading brand in the gaming industry, needed to choose a cloud provider to host its gaming infrastructure, they selected Google Cloud Armor …

The first step towards protecting sensitive data begins with knowing where it exists. Continuous data monitoring can help you stay one step ahead of data security risks and set proper access controls to ensure data is used for the right reasons while minimizing unnecessary friction. Google Cloud’s Sensitive …

Welcome to the second Cloud CISO Perspectives for August 2024. Today Google Cloud Security’s Peter Bailey talks about our upcoming Mandiant Worldwide Information Security Exchange (mWISE) Conference, and why mWISE can be one of the most valuable events this year for CISOs, security leaders, and those looking to …

In today's digital landscape, data reliability, availability, and performance are paramount. Businesses and organizations rely on cloud storage solutions that not only ensure that data is safe, but that also provide uninterrupted access and low latency. Cloud Storage is a robust solution to these challenges, offering three distinct types …

Secret Manager is a fully-managed, scalable service for storing, operating, auditing and accessing secrets used across Google Cloud services including GKE and Compute Engine. A critical part of any secrets management strategy is managing deletion and destruction of secrets. To provide customers with advanced capabilities in this area, we …

To keep pace with modern threats, organizations large and small need to take a hard look at their security tooling and determine how they can adapt to accelerate step function change. And while this may seem daunting, Google Cloud Security can help you make sure it doesn't have to …

Web-based large-language models (LLM) are revolutionizing how we interact online. Instead of well-defined and structured queries, people can engage with applications and systems in a more natural and conversational manner — and the applications for this technology continue to expand. While LLMs offer transformative business potential for organizations, their integration …

Building on the launch of the Google Cloud region in the Kingdom of Saudi Arabia (KSA) in November 2023, we are excited to announce new data sovereignty, security, and AI capabilities for the Dammam region. These new offerings can help support the digital transformation journeys of organizations operating in …

Compliance isn't a one-time goal; it's an ongoing process. As your organization and the regulatory environment evolve, so too does Assured Workloads. Here are the latest additions to our portfolio of software-defined controls and policies that can make supporting your compliance requirements easier on Google Cloud. Introducing Compliance Updates …

Are you curious about the new enhancements in Cloud NAT ? Have you explored Cloud NGFW Enterprise ? In this blog we dive into both of these topics with informative video demos on both that you can watch at any time. # 1- Cloud NAT and NGFWs Cloud NAT and Cloud NGFW …

Welcome to the first Cloud CISO Perspectives for August 2024. Today I’m adapting our upcoming Perspectives on Security for the Board report. It examines three key cybersecurity topics from the vantage of the board of directors: multifactor authentication, digital sovereignty, and — the one I’ll be focusing on …

Welcome to the first Cloud CISO Perspectives for August 2024. Today I’m adapting our upcoming Perspectives on Security for the Board report. It examines three key cybersecurity topics from the vantage of the board of directors: multifactor authentication, digital sovereignty, and — the one I’ll be focusing on …

Welcome to the first Cloud CISO Perspectives for August 2024. Today I’m adapting our upcoming Perspectives on Security for the Board report. It examines three key cybersecurity topics from the vantage of the board of directors: multifactor authentication, digital sovereignty, and — the one I’ll be focusing on …