At Google Cloud, we are committed to advancing invisible security and democratizing security operations for every organization. Today, we’re proud to share the next step in this journey with the acquisition of Siemplify, a leading security orchestration, automation and response (SOAR) provider. Siemplify shares our vision in this …
This is our last Cloud CISO Perspectives of 2021. It's been an eventful year for the cybersecurity industry, both good and bad, and I welcome the opportunities and challenges we will continue to address together in 2022. In this final post, I’ll share the latest updates from the …
Having the ability to access corporate resources and information remotely and securely has been crucial for countless organizations during the course of the COVID-19 pandemic. Yet, many employees may agree that this process is not always seamless, especially if they were blocked from getting to an app or a …
Editor's note : This post was updated on 12/15/21 at 12:45pm PST. In this post, we provide recommendations from the Google Cybersecurity Action Team and discuss Google Cloud and Chronicle solutions to help security teams to manage the risk of the Apache “Log4j 2” vulnerability ( CVE-2021-44228 and …
In this post, we’ll provide recommendations from the Google Cybersecurity Action Team and discuss solutions available to Google Cloud customers and security teams to manage the risk of the Apache “Log4j 2” vulnerability ( CVE-2021-44228 ). Please visit Google Cloud’s advisory page for the latest updates on our assessment …
Service accounts on Google Cloud are used when a workload needs to access resources or conduct actions without end-user involvement. There are multiple methods of authenticating using service accounts, including using service accounts as part of Google Compute Engine instances, impersonating service accounts, or using service accounts with a …
Editor’s note : As of 12/21/2021 2:45pm PST, this post was updated to indicate that detections for CVE-2021-45105 are now present in production As of 12/20/2021 at 2:15pm PST, this post was updated to indicate that detections for CVE-2021-4104 are present in production …
Editor’s note : As of 1/4/2022 3:00pm PST, this post was updated to indicate that detections for CVE-2021-44832 are now present in production. Full change log can be found in the footnotes. NIST has announced recent vulnerabilities ( CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105 & CVE-2021-44832 ) in the Apache Log4j …
Editor's note : As of 12/16/2021 at 3:45pm PST, this post was updated to include information about detections for CVE-2021-45046. NIST has announced a recent vulnerability ( CVE-2021-44228 ) in the Apache Log4j library. To help with detection, Google Cloud IDS customers can now monitor and detect attempted exploits …
Editor’s note : As of 12/20/2021 at 2:15pm PST, this post was updated to indicate that detections for CVE-2021-4104 are present in production As of 12/19/2021 at 1:51pm PST, this post was updated to indicate that detections for CVE-2021-45046 are now present in …
NIST has announced a recent vulnerability ( CVE-2021-44228 ) in the Apache Log4j library. To help with detection, Google Cloud IDS customers can now monitor and detect attempted exploits of CVE-2021-44228. Background The Apache Log4j utility is a commonly used component for logging requests. On December 9, 2021, a vulnerability was …
Editor's note: As of 12/16/2021 at 12pm PST, this post was updated to include more information about the latest NIST publication, CVE-2021-45046. The existing Cloud Armor ‘cve-canary’ rule offers the same level of protection for the new CVE. As of 12/13/2021 at 5:30pm PST …
NIST has announced a recent vulnerability ( CVE-2021-44228 ) in the Apache Log4j library. To help mitigate the effects of this vulnerability, Google Cloud Armor customers can now deploy a new preconfigured WAF rule that will help detect and, optionally, block attempted exploits of CVE-2021-44228. Background The Apache Log4j utility is …
Google has a long history and deep commitment to innovation in the public sector and regulated markets including healthcare, financial services, and telecommunications, to name a few. Recently, we’ve made significant advances in our security and compliance offerings and capabilities in order to better enable government and government …
As more and more applications move to the cloud, cloud network security teams have to keep them secure against an ever-evolving threat landscape. Shielding applications against network threats is also one of the most important criteria for regulatory compliance. For example, effective intrusion detection is a requirement of the …
MEDITECH develops electronic health record (EHR) systems solutions that enhance the interactions of physicians and clinicians with patients. The company empowers healthcare organizations large and small to deliver secure, cost-effective patient care. MEDITECH's intuitive and mobile offerings include software for health information management, patient care and patient safety, emergency …
Time flies when you’re having fun! We’ve produced 46 episodes of the Cloud Security Podcast by Google since our launch in February 2021. Looking back, we’d like to share some cloud security lessons and insights we picked up along the way. Over the course of 2021 …
Entertainment has never been more accessible. As our phones are now an inextricable part of our lives, there’s an increasing appetite for mobile video content, and that is what Vuclip delivers. Vuclip is a leading video-on-demand service for mobile devices with more than 41 million monthly active users …
GitHub Actions is a third-party CI/CD solution popular among many Google Cloud customers and developers. When a GitHub Actions Workflow needs to read or mutate resources on Google Cloud – such as publishing a container to Artifact Registry or deploying a new service with Cloud Run – it must first …
At Google Cloud, we are committed to supporting the next wave of growth for Europe’s businesses and organizations. Germany is one of the largest and most connected global economies, and it is undergoing digital transformation enabled by the use of cloud services. To further support that transformation, we …
Almost two decades of Site Reliability Engineering (SRE) has proved the value of incorporating software engineering practices into traditional infrastructure and operations management. In a parallel world, we’re finding that similar principles can radically improve outcomes for the Security Operations Center (SOC), a domain plagued with infrastructure and …
We’re coming up on the end of the year, yet many of the most pressing security themes from 2021 remain the same, from securing open source software, to enabling zero trust architectures and more. I’ll recap the latest updates from the Google Cybersecurity Action Team and industry …
At Google we have an immense aperture into the global cybersecurity threat landscape and the means to mitigate risks that stem from those threats. With our recently launched Google Cybersecurity Action Team, we are bringing more of our security abilities and advisory services to our customers to increase their …
Security Command Center (SCC) is Google Cloud’s security and risk management platform that helps manage and improve your cloud security and risk posture. It is used by organizations globally to protect their environments providing visibility into cloud assets, discovering misconfigurations and vulnerabilities, detecting threats, and helping to maintain …
Almost all publicly reported breaches in the cloud stem from misconfigurations, rather than from attacks that compromise underlying cloud infrastructure. Misconfigurations continue to be a source of security risk because most security and compliance practices play catchup - teams are involved later in the CI/CD process and misconfigurations are …