We’re busy getting ready for Google Cloud Next ‘21 where we’re excited to talk about the latest updates to our security portfolio and new ways we’re committing to help all of our customers build securely with our cloud. Here are a few sessions you don’t …
Are you a network security engineer managing large shared VPCs with many projects and applications deployed, and struggling to clean up hundreds of firewall rules accumulated overtime in the VPC firewall rule set? Are you a network admin setting up open firewall rules to accelerate cloud migration, but later …
Encryption is critical for securing sensitive data while it is stored and transits the cloud. Today, Cloud Storage encrypts data server-side with standard Google-managed encryption keys by default, and can also encrypt data with customer-managed encryption keys that are stored and managed by Cloud Key Management Service (Cloud KMS …
For years, Google Cloud customers who are subject to European data protection laws 1 have relied on our Standard Contractual Clauses (SCCs), as previously approved by regulators, to legitimize overseas transfers of their customer personal data when using our services. Today, we are glad to announce an update to …
Jaliesha is responsible for cybersecurity within the DevOps team at her cloud-native software service company – they call it DevSecOps. She has several requirements pressing down on her as their offering explodes in popularity and they take in their second round of VC funding: Meet compliance requirements for Intrusion Detection …
Cloud computing is globally recognized as the single most effective, agile and scalable path to digitally transform and drive value creation. It has been a critical catalyst for growth, allowing private organizations and governments to support consumers and citizens alike, delivering services quickly without prohibitive capital investment. European organizations …
Over the course of the COVID-19 pandemic, we’ve seen our customers across the globe increase their use of cloud services, in large part due to an increase in e-commerce activities, digitization efforts, and the move to remote work. This shift has put further emphasis on the importance of …
Like most businesses, we are constantly evolving and innovating to keep pace with the digital world. Last year, many experiences we had with our customers shifted to being online. And while our virtual customer interactions increased, so did attempted attacks. We needed to secure our customers’ experiences while simultaneously …
Protecting patient data is of paramount importance to any healthcare provider. This is not only because of the many laws and regulations in different countries around the world requiring this data to be safeguarded, but it is a foundational requirement for trust between a provider and their patient. This …
We’re more than halfway through 2021 and cybersecurity continues to be one of the most pressing issues facing organizations around the globe. As a major cloud provider, we have the opportunity to help address these challenges by delivering high levels of security in the platforms and services we …
One of the most used buzzwords in cybersecurity today is undoubtedly “Zero Trust.” It’s been used to describe a wide range of approaches and products, leading to a fair bit of confusion about the term itself and to what it actually means. Some attempts to explain or simplify …
Detection and remediation of security vulnerabilities before they reach deployment is critical in a cloud-native world. This makes scanning for vulnerabilities early and often an important part of continuous integration and delivery (CI/CD) processes. The earlier a problem is detected, the fewer downstream issues will occur. The process …
Whether you are a social media site, security company, or enterprise email manager, keeping users safe is always the goal. However, the top two threats to users' security, phishing and malware, can make that challenging. The Safe Browsing team at Google has been dedicated to defending the web from …
Google Cloud Functions provides a simple and intuitive developer experience to execute code from Google Cloud, Firebase, Google Assistant, or any web, mobile, or backend application. Oftentimes that code needs secrets—like API keys, passwords, or certificates—to authenticate to or invoke upstream APIs and services. While Google Secret …
Developers use the gRPC RPC framework for use cases like backend service-to-service communications or client-server communications between web, mobile and cloud. In July 2020, we announced support for proxyless gRPC services to reduce operational complexity and improve performance of service meshes with Traffic Director, our managed control plane for …
Enterprises looking to take advantage of the scalability and ease-of-use associated with cloud technology have often turned to serverless computing architectures. In these systems, a cloud provider allocates resources on-demand as required by a particular workload, and abstracts much of the management of an application or system for a …
Since launching BeyondCorp Enterprise in January, our team has been busy working with customers to understand how they are using the product and what we can do to better support their needs as they continue on their zero trust journey. We believe zero trust is an effective way to …
Forensics is the application of science to criminal and civil laws. It is a proven approach for gathering and processing evidence at a crime scene. An integral step in the forensics process is the isolation of the scene without contaminating or modifying the evidence. The isolation step prevents any …
In fast-moving organizations, it's not uncommon for cloud resources, including entire projects, to occasionally be forgotten about. Not only such unattended resources can be difficult to identify, but they also tend to create a lot of headaches for product teams down the road, including unnecessary waste and security risks …
Secret Manager is a Google Cloud service that provides a secure and convenient way to store API keys, passwords, certificates, and other sensitive data. It is the central place and single source of truth to manage, access, and audit secrets across Google Cloud. Since its launch, Secret Manager has …
Risk Management and Compliance is as important in the cloud as it is in conventional on-premises environments. To help organizations in regulated industries meet their compliance requirements, Google Cloud offers automated capabilities that ensure the effectiveness of productionalization processes. Continuous compliance in the banking industry Banks have a formidable …
Google Cloud IDS, now available in preview, delivers cloud-native, managed, network-based threat detection, built with Palo Alto Networks’ industry-leading threat detection technologies to provide high levels of security efficacy. Cloud IDS can help customers gain deep insight into network-based threats and support industry-specific compliance goals that call for the …
One of the biggest challenges for software developers is the need to make informed choices about the external software and products they use in their own software systems. Evaluating whether a given system is appropriately secured can be challenging, especially if it’s external or owned by a third …
Whether they were ready for it or not, the COVID-19 pandemic transformed many retailers into digital businesses. Retailers made huge investments into commerce technologies, customer experience tools, sales and fulfillment technology, and improving digital experiences to continue providing their goods and services to their customers. Now, more than a …
In our first episode of the Cloud Security Podcast, we had the pleasure to talk to Nelly Porter, Group Product Manager for the Cloud Security team. In this interview Anton, Tim, and Nelly examine a critical question about data security: how can we process extremely sensitive data in the …