Google Cloud Unveils Major Security Updates Focused on Convergence

Google Cloud wants to help unify all your secuirty structures to boost protection

Google has unveiled a series of enteprise-focused security features designed to enhance protection through the power of "convergence" - the integration of physical and cybersecurity measures into an all-encompassing solution. In the announcement at its annual Google Cloud Security Summit, the company made it clear that the unification of security features, AI and frontline threat intelligence will help create a more proactive and streamlined approach. The company also acknowledged customers team up with other providers, adding collaboration will ultimately strengthen businesses' security postures. Among the new announcements was the introduction of Mandiant Custom Threat Hunt, a service designed to help companies uncover past and ongoing threat activities, which Google says will be helpful for those implementing new technologies as well as companies going through mergers or acquisitions and those targeted directly or indirectly through an incident like a breach. The Security Command Center, now available as a preview, also saw significant updates, including the introduction of a tool to surface toxic combinations, where multiple security issues combined create an unacceptable risk. Another highlight was an update to the Chrome Enterprise Premium browser, which now offers updated security features like data watermarking, URL filtering and enhanced security insights, all available with a new pay-as-you-go pricing model. More broadly, Google announced a series of updates and new tools for identity and access management, network and data security, and regulated cloud. Some are generally available, and others are rolling out in preview following the event. Sunil Potti, VP and GM for Google Cloud Security, commented on the company's commitment to convergence: "To truly elevate security, we believe in the power of simplicity. Instead of adding new, siloed products to address specific threats, we need to reduce the number of moving parts."

Google Cloud unveils new convergence-focused security features - SiliconANGLE

Google Cloud unveils new convergence-focused security features Google LLC today announced several new security features and capabilities at its annual Google Cloud Security Summit that are aimed at "reimagining cybersecurity through the power of convergence." Convergence was a key theme at the annual conference, with Google intentionally choosing strategic capabilities that can have the largest impact on security posture and programs. Those capabilities are about driving a platform with core security functions of detection, investigation and response, coupled with risk management for where business-critical applications and data increasingly live. Along with detailing the broader market and how Google Security Operations are facilitating things like hack-a-thons and new processes to help build a strong security foundation, with artificial intelligence thrown in for good measure, Google Security announced three main new capabilities - Mandiant Custom Threat Hunt, new security command center capabilities and Chrome Enterprise Premium updates. Topping the list was Mandiant Custom Threat Hunt, which offers point-in-time threat hunt capabilities to complement managed detection and response services. The service, which can also be used to supplement in-house threat-hunting programs, helps organizations uncover ongoing and past threat actor activity in their environment while improving their ability to detect future threats. New Security Command Center capabilities announced at the conference include the ability to surface never-before-seen toxic combinations that create vulnerabilities and allow access to valuable resources. With the update, the SCC finds toxic combinations using what Google is calling "virtual red teaming" that continuously simulates a determined attacker who attempts to infiltrate cloud defenses by trying millions of attack permutations against a digital twin model of a given cloud environment to find possible attack paths. The new SCC update is also designed to advance multicloud cloud infrastructure entitlement management capabilities to help customers manage cloud identities and maintain a least privilege access model. The third significant announcement - Chrome Enterprise Premium updates, offer new capabilities in Chrome Enterprise Premium that enable users to obtain faster and easier protections with pay-as-you-go pricing, protect data with watermarking, gain greater visibility into browsing activity with URL filtering for browser history and view Chrome Security Insights for a more nuanced understanding of threats. Also announced at the summit were a range of new controls and capabilities created to help strengthen organizational security posture and ensure compliance. For identity access and management, a now-in-preview Privileged Access Manager enforces the principle of least privilege with just-in-time, time-bound and approval-based access elevations for high-privilege users. At the same time, the Principal Access Boundary allows defining authorized resource sets for principals regardless of existing IAM policies. Now generally available, Certificate-Based Access uses mutual TLS to bind user credentials to a device certificate and Workforce Identity Federation with Microsoft Entra ID enables Single-Sign-On to access Google BigQuery from Microsoft Power BI without requiring user or group provisioning in Google Cloud. Additionally, VPC Service Controls now support private IP, allowing authorized traffic from specific internal networks or on-premises environments to access protected cloud resources. For data security, Google announced new confidential VM options in preview that protect data and applications in use with hardware-based memory encryption, while AMD SEV-SNP, now generally available on N2D machines and in preview on C3D instances, enhances data confidentiality and integrity with strong memory integrity and hardware-rooted remote attestation. Additionally, Key Access Justifications for Cloud HSM, now in preview with Assured Workloads, offers access transparency and justifications for Cloud HSM-based keys.

Google Cloud Security Summit unveils new convergence-focused security features - SiliconANGLE

Google Cloud Security Summit unveils new convergence-focused security features Google LLC today announced several new security features and capabilities at its annual Google Cloud Security Summit that are aimed at "reimagining cybersecurity through the power of convergence." Convergence was a key theme at the annual conference, with Google intentionally choosing strategic capabilities that can have the largest impact on security posture and programs. Those capabilities are about driving a platform with core security functions of detection, investigation and response, coupled with risk management for where business-critical applications and data increasingly live. Along with detailing the broader market and how Google Security Operations are facilitating things like hack-a-thons and new processes to help build a strong security foundation, with artificial intelligence thrown in for good measure, Google Security announced three main new capabilities - Mandiant Custom Threat Hunt, new security command center capabilities and Chrome Enterprise Premium updates. Topping the list was Mandiant Custom Threat Hunt, which offers point-in-time threat hunt capabilities to complement managed detection and response services. The service, which can also be used to supplement in-house threat-hunting programs, helps organizations uncover ongoing and past threat actor activity in their environment while improving their ability to detect future threats. New Security Command Center capabilities announced at the conference include the ability to surface never-before-seen toxic combinations that create vulnerabilities and allow access to valuable resources. With the update, the SCC finds toxic combinations using what Google is calling "virtual red teaming" that continuously simulates a determined attacker who attempts to infiltrate cloud defenses by trying millions of attack permutations against a digital twin model of a given cloud environment to find possible attack paths. The new SCC update is also designed to advance multicloud cloud infrastructure entitlement management capabilities to help customers manage cloud identities and maintain a least privilege access model. The third significant announcement - Chrome Enterprise Premium updates, offer new capabilities in Chrome Enterprise Premium that enable users to obtain faster and easier protections with pay-as-you-go pricing, protect data with watermarking, gain greater visibility into browsing activity with URL filtering for browser history and view Chrome Security Insights for a more nuanced understanding of threats. Also announced at the summit were a range of new controls and capabilities created to help strengthen organizational security posture and ensure compliance. For identity access and management, a now-in-preview Privileged Access Manager enforces the principle of least privilege with just-in-time, time-bound and approval-based access elevations for high-privilege users. At the same time, the Principal Access Boundary allows defining authorized resource sets for principals regardless of existing IAM policies. Now generally available, Certificate-Based Access uses mutual TLS to bind user credentials to a device certificate and Workforce Identity Federation with Microsoft Entra ID enables Single-Sign-On to access Google BigQuery from Microsoft Power BI without requiring user or group provisioning in Google Cloud. Additionally, VPC Service Controls now support private IP, allowing authorized traffic from specific internal networks or on-premises environments to access protected cloud resources. For data security, Google announced new confidential VM options in preview that protect data and applications in use with hardware-based memory encryption, while AMD SEV-SNP, now generally available on N2D machines and in preview on C3D instances, enhances data confidentiality and integrity with strong memory integrity and hardware-rooted remote attestation. Additionally, Key Access Justifications for Cloud HSM, now in preview with Assured Workloads, offers access transparency and justifications for Cloud HSM-based keys.