Showing only posts tagged Security & Identity. Show all posts.

Shift-left your cloud compliance auditing with Audit Manager

Source

Cloud compliance can present significant regulatory and technical challenges for organizations. These complexities often include delineating compliance responsibilities and accountabilities between the customer and cloud provider. At Google Cloud, we understand these challenges faced by our customers’ cloud engineering, compliance, and audit teams, and want to help make them …

Secure your data ecosystem: a multi-layered approach with Google Cloud

Source

It’s an exciting time in the world of data and analytics, with more organizations harnessing the power of data and AI to help transform and grow their businesses. But in a threat landscape with increasingly sophisticated attacks around every corner, ensuring the security and integrity of that data …

Google Cloud deepens its commitment to security and transparency with expanded CVE program

Source

At Google Cloud, we recognize that helping customers and government agencies keep tabs on vulnerabilities plays a critical role in securing consumers, enterprises, and software vendors. We have seen the Common Vulnerabilities and Exposure (CVE) system evolve into an essential part of building trust across the IT ecosystem. CVEs …

Mandatory MFA is coming to Google Cloud. Here’s what you need to know

Source

At Google Cloud, we’re committed to providing the strongest security for our customers. As pioneers in bringing multi-factor authentication (MFA) to millions of Google users worldwide, we've seen firsthand how it strengthens security without sacrificing a smooth and convenient online experience. That’s why we will soon require …

Cloud CISO Perspectives: 10 ways to make cyber-physical systems more resilient

Source

Welcome to the second Cloud CISO Perspectives for October 2024. Today, Anton Chuvakin, senior security consultant for our Office of the CISO, offers 10 leading indicators to improve cyber-physical systems, guided by our analysis of the White House’s new PCAST report. As with all Cloud CISO Perspectives, the …

Highlights from the 10th DORA report

Source

The DORA research program has been investigating the capabilities, practices, and measures of high-performing technology-driven teams and organizations for more than a decade. It has published reports based on data collected from annual surveys of professionals working in technical roles, including software developers, managers, and senior executives. Today, we …

Introducing Google Cloud’s new Vulnerability Reward Program

Source

Vulnerability reward programs play a vital role in driving security forward. By incentivizing security research, vulnerabilities can be found and fixed by vendors before they are potentially exploited by malicious actors, protecting users and strengthening security posture. Also known as bug bounties, Google has long been a leader in …

Secure the new endpoint: Check out Chrome Enterprise Premium's latest innovations

Source

The modern workplace revolves around the browser. It's where employees access critical applications, handle sensitive data, and collaborate with colleagues. This makes the browser a critical point for enforcing security. Chrome Enterprise, the most trusted enterprise browser, recently introduced powerful new capabilities for Chrome Enterprise Premium designed to further …

From AI to Zero Trust: Google Cloud Security delivers comprehensive solutions for the public sector

Source

Government organizations and agencies face significant challenges from threat actors seeking to compromise data and critical infrastructure, and impact national and economic stability. These attacks target a broad range of industries and organizations, from water security to rural health care, via external targeting and insider threats. Government organizations are …

Cloud CISO Perspectives: AI vendors should share vulnerability research. Here’s why

Source

Welcome to the first Cloud CISO Perspectives for October 2024. Today I’m discussing new AI vulnerabilities that Google’s security teams discovered and helped fix, and why it’s important for AI vendors to share vulnerability research impacting their technology. As with all Cloud CISO Perspectives, the contents …

How Google Cloud supports telecom security and compliance

Source

Operating a telecommunications network is more than just connecting phone calls, or helping people share funny videos online. Telecom networks are critical components of our society’s infrastructure. Telecom operators face a wide array of risks to the critical communication services they provide and the sensitive data they protect …

Project Shield expands free DDoS protection to even more organizations and nonprofits

Source

Project Shield has helped news, human rights, and elections-related organizations defend against distributed denial of service (DDoS) attacks since 2013 as part of Google's commitment to keep online content universally accessible. The solution has helped keep election resources online, supported news reporting during pivotal geopolitical events, and helped governments …

How to protect your site from DDoS attacks with the power of Google Cloud networking and network security

Source

Google Cloud constantly innovates and invests significantly in our capabilities to stop cyberattacks such as distributed denial-of-service attacks from taking down websites, apps, and services. It’s an essential part of protecting our customers. Our Project Shield offering, which uses Google's Cloud networking and our Global Front End infrastructure …

Announcing new Confidential Computing updates for even more hardware security options

Source

Google Cloud is committed to ensuring that your data remains safe, secure, and firmly under your control. This begins with fortifying the very foundation of your compute infrastructure — your Compute Engine virtual machines (VMs) — with the power of Confidential Computing. Confidential Computing protects data while it’s being used …

How virtual red team technology can find high-risk security issues before attackers do

Source

Cloud security teams use cloud-native application protection platforms (CNAPPs) to find misconfigurations and vulnerabilities in their multi-cloud environments. While these solutions can discover thousands of potential security issues in large cloud environments, many fail to answer two fundamental cloud security questions: “Where am I most at risk?” and “What …

Cloud CISO Perspectives: How CISOs can work with cloud providers to improve incident response

Source

Welcome to the second Cloud CISO Perspectives for September 2024. Today, Google Cloud’s Vinod D’Souza and Chris Cornillie examine the vital role that CISOs play in working with cloud providers to improve their organization’s incident preparedness. As with all Cloud CISO Perspectives, the contents of this …

Google named a Leader in IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment

Source

Security information and event management (SIEM) systems are the backbone of most security operations centers and security teams rely on them for effective threat detection, investigation, and response. We’re thrilled to share that Google has been named a Leader in the IDC MarketScape: Worldwide SIEM for Enterprise 2024 …

How to get started with automatic password rotation on Google Cloud

Source

Introduction Password rotation is a broadly-accepted best practice, but implementing it can be a cumbersome and disruptive process. Automation can help ease that burden, and in this guide we offer some best practices to automate password rotation on Google Cloud. As an example, we share a reference architecture to …

Introduction to Threat Intelligence and Attribution course, now available on-demand

Source

Ask 10 cybersecurity experts to define “attribution” and they would likely provide as many different answers. The term has become an industry buzzword for the process by which evidence of a breach is converted into a public disclosure naming the attackers responsible. In reality, attribution is the result of …

Announcing expanded CIEM support to reduce multicloud risk in Security Command Center

Source

Identities can be a major source of cloud risk when they’re not properly managed. Compromised credentials are frequently used to gain unauthorized access to cloud environments, which often magnifies that risk since many user and service accounts are granted access to cloud services and assets beyond their required …

Activating your defender's advantage at mWISE ‘24

Source

To stay ahead of evolving threats, security leaders and practitioners must tap into a vital but underutilized tool to strengthen their defenses: collaboration. The power of communication and knowledge-sharing among peers can help defenders seize the advantage when fighting threat actors who repeat the same tactics, techniques, and procedures …

How to prevent account takeovers with new certificate-based access

Source

Stolen credentials are one of the top attack vectors used by attackers to gain unauthorized access to user accounts and steal information. At Google, we’re continually evolving security capabilities and practices to make our cloud the most trusted cloud. To help protect your organization from stolen credentials, cookie …

page 1 | older articles »