The Google Cloud DORA team has been hard at work releasing our yearly Accelerate State of DevOps report. This research provides an independent view into the practices and capabilities that organizations, irrespective of their size, industry, and region, can employ to drive better performance. Year over year, the State …
The State of DevOps report by Google Cloud and the DORA research team is the largest and longest running research of its kind with inputs from over 32,000 professionals worldwide. It provides an independent view into the practices and capabilities that organizations, irrespective of their size, industry, and …
As a provider of software and services for global enterprises, Google Cloud understands that the quality and security of products is instrumental in maintaining trust among our customers. We are committed to providing products and services that help our customers meet their quality management objectives, ultimately helping organizations to …
We’re excited to announce Confidential Computing on the latest Google Compute Engine N2D and C2D Virtual Machines. At Google Cloud, we’re constantly striving to deliver performance improvements and feature enhancements. Last November, we announced the general availability of general-purpose N2D machine types running on 3rd Gen AMD …
Editor’s note : The post is part of a series highlighting our awesome partners, and their solutions, that are Built with BigQuery. Since the very first email was sent more than 50 years ago, the now-ubiquitous communication tool has evolved into more than just an electronic method of communication …
Almost a decade ago, we started encrypting traffic between our data centers to help protect user privacy. Since then, we gradually rolled out changes to encrypt almost all data in transit. Our approach is described in our Encryption in Transit whitepaper. While this effort provided invaluable privacy and security …
As sophisticated cyberattack campaigns increasingly target the U.S. public and private sectors during the COVID era, the White House and federal agencies have taken steps to protect critical infrastructure and remote-work infrastructure. These include Executive Order 14028 and the Office of Management and Budget’s Memorandum M-21-31, which …
At Google Cloud, we’re focused on giving customers new ways to strengthen their security posture. Many organizations use service account keys to authenticate for Google Cloud Platform API access, but managing keys can be challenging, especially in multi-cloud scenarios. To help, last year we launched Workload Identity Federation …
Cybersecurity risks remain at the top of every organization’s agenda. As we progress on our Invisible Security journey, we remain focused on delivering solutions that can make governments and enterprises safer with Google, in our trusted cloud and through SaaS products that bring our security capabilities to on-premises …
There has been an increasing awareness in the developer community, enterprises, and governments of software supply chain risks. Remediation efforts for vulnerabilities like Log4j and Spring4shell, and a 650% year-over-year increase in cyberattacks aimed at open source suppliers, have sharpened focus on the critical task of bolstering the security …
Google Cloud Security Summit is just a few days away! We have an exciting agenda with a keynote, demo, and breakout sessions across four tracks - Zero Trust, Secure Software Supply Chain, Ransomware & Emerging Threats, and Cloud Governance & Sovereignty. By attending this summit, you will be the first to learn …
At Google Cloud, we believe that the protection of our customers’ sensitive data is paramount, and encryption is a powerful mechanism to help achieve this goal. For years, we have supported encryption in transit when our customers ingest their data to bring it to the cloud. We’ve also …
At Google, we follow a security-first philosophy to make safeguarding our clients’ and users' data easier and more scalable, with strong security principles built into multiple layers of Google Cloud. In line with this philosophy, we want to make sure that our Container-Optimized OS adheres to industry-standard security best …
This month marks one year of our Cloud CISO Perspectives Series ! Over the past year, we’ve discussed many milestones and challenges across our industry. I’m most proud of the work our collective security teams at Google Cloud are doing everyday to help improve security for our customers …
It is hard to understand global payments without understanding SWIFT. For over 40 years, SWIFT, Society for Worldwide Interbank Financial Telecommunication, has secured financial messaging for banks, corporates, brokers, and treasuries in over 200 countries. For example, if you have ever requested a funds transfer from your local bank's …
Managed Security Service Providers (MSSPs) can deliver high-value security services for customers, helping to drive efficiencies in security operations across people, product, and processes. In an environment where the threat landscape continues to be challenging, MSSPs can allow customers to scale their security teams driving enhanced security outcomes. At …
Two themes have been resonating for me across the security industry over the last month. The first is a topic from my personal blog that I wrote more than two years ago: Resilience is about Capabilities not Plans. Collectively, organizations have proven their ability to be resilient in light …
At the end of 2021, we announced the ability for Google Cloud Certificate Authority (CA) Service to issue certificates for workloads reflecting their federated identities, even if the workloads are hosted on-premises or in other clouds. We are excited to announce this capability is now generally available, advancing our …
As the war in Ukraine continues to unfold, I want to update you on how we’re supporting our customers and partners during this time. Google is taking a number of actions. Our security teams are actively monitoring developments, and we offer a host of security products and services …
With the release of OpenSSH 8.2 almost two years ago, native support for FIDO authentication became an option in SSH. This meant that you could have your SSH private key protected in a purpose-built security key, rather than storing the key locally on a disk where it may …
As organizations move to the cloud, VM-based architectures continue to make up a significant portion of compute-centric workloads. To help ensure strong protection for these deployments, we are thrilled to announce a public preview of our newest layer of threat detection in Security Command Center (SCC): Virtual Machine Threat …
European organizations, both public and private, are migrating their operations and data to the cloud in increasing numbers. In doing so, they need confidence they can meet their unique needs for security, privacy, and digital sovereignty. Key requirements include the ability to store data within a European geographic region …
I’m excited to share our first Cloud CISO Perspectives post of 2022. It's already shaping up to be an eventful year for our industry and we’re only in month one. There’s a lot to recap in this post, including the U.S. government’s recent efforts …
The accelerating pursuit of cloud-enabled digital transformations brings new growth opportunities to organizations, but also raises new challenges. To ensure that they can lock in newfound agility, quality improvements, and marketplace relevance, boards of directors must prioritize safe, secure, and compliant adoption processes that support this new technological environment …
We are often asked if the cloud is more secure than on-premise infrastructure. The quick answer is that, in general, it is. The complete answer is more nuanced and is grounded in a series of cloud security “megatrends” that drive technological innovation and improve the overall security posture of …