Identity and Security
Detect, investigate, and protect against threats with security best practices for cloud, on-premises, or hybrid deployments.
- 13 Topics
- 20 Replies
The U.S. Department of Homeland Security (DHS) recently announced the results of the first report from the Cyber Safety Review Board (CSRB) on the log4j software library vulnerabilities discovered in late 2021. Google welcomed the opportunity to participate in the development of the CSRB report and share our own experiences responding to this and other incidents. Building on this momentum, today we are going to share Google’s approach to address the log4j report’s recommendations. We see this as an important part of our effort to support others in the industry as we all work together to increase open source security. This includes: Driving adoption of best practices; Building a better software ecosystem; and Making long term investments in digital security. Together, these efforts demonstrate the steps we take to protect others and reflect our broader commitment to improve security for everyone. Here is the linik to read more details.https://cloud.google.com/blog/products/ident
A cloud service called Chronicle was developed enabling businesses to privately store, process, and search the enormous volumes of security and network telemetry they produce. It was constructed as a customised layer on top of the basic Google infrastructure. Chronicle normalises, indexes, correlates, and analyses the data to offer immediate insight and context on dangerous conduct.Using data, immediately analyse Google Cloud assists your security operations team in navigating this still developing paradigm by providing best practises and critical answers that will better equip it to deal with threats in the cloud.It contains: A technical primer on what makes cloud security different than on premises How detection and response can be best achieved in the cloud Clarity on who is responsible for detection and response in the cloud, between user and provider Why moving to the cloud is an opportunity to transform how you can achieve your SecOps goals of confidentiality, integrity, and
The Google Cloud documentation is not clear on this. We’ve been trying to understand if Google Cloud can access data stored in Google Storage when using Google-managed encryption keys.If yes, is there a way to restrict such access?
Ameer Abbas, Senior Product Manager at Google will discuss about ever-growing risk of network threats and bad actors, many organizations are turning to zero trust networks to ensure that only trusted users and devices are given access. In this session, we’ll discuss what zero trust networks are, what risks they mitigate, and common patterns found in a dynamic microservices environment. To Join this session please check the following link: https://cloudonair.withgoogle.com/events/innovators-architecting-zero-trust-networks
Here are the latest updates, products, services and resources from GCP security teams on May: PSP protocol now open source: In order to better scale the security GCP offer their customers, they created a new cryptographic offload protocol for internal use that they open sourced in May. Intentionally designed to meet the requirements of large-scale data-center traffic, the PSP Protocol is a TLS-like protocol that is transport-independent, enables per-connection security, and is offload-friendly. Updating Siemplify SOAR: The future of security teams is heading towards “anywhere operations,” and the latest version of Siemplify SOAR can help get us there. It gives organizations the building blocks needed across cloud infrastructure, automation, collaboration, and analytics to accelerate processes for more timely responses and automated workflows. In turn, this can free up teams to focus on more strategic work. Guardrails and governance for Terraform: Popular open-source Infrastruct
Source: official Google Cloud BlogWe have Data Security:at Rest, in-transit & in-useEncryption is a core control for data security, and Google Cloud offers multiple encryption options for the data.@Priyanka Vergadia is shedding some light on each of them in her new articleI would like to hear-read your thoughts on how you secure your data @bngejane, @Ananth@enzonil70 and @Irtaza Ali do you think it is enough for cybersecurity issues?
Hey Google Cloud Security Community! Join us for the Google Cloud Security Summit on May 17 to learn from experts, explore the latest tools, and share our vision for the future of security. Discover new ways to define and drive your security strategy and solve for your biggest challenges. During the event, you’ll:Gain insights on how you can move to zero trust architectures, bolster software supply chain security, and defend against ransomware and other emerging threats. Be among the first to explore new products and enhanced capabilities in cloud governance, digital sovereignty and security operations. Uncover innovative approaches from your peers that can help solve your toughest security challenges. Register today for this digital event and view the full agenda now. We look forward to seeing you there!
What is IDENTITY? What is ACCESS? What is I&AM? What are the differences between Authentication and Authorization?🤔🖐Welcome to the complex world of Application Security! No worries! You will understand IAM easily from this 3-minute simple story of your own life: “IAM in the Airport”."I&AM in Airport" -IAM Explained Simply in Fun Story Hi🖐, I am Della, I am a cloud professional, IT professor, and learning designer. I want to help you understand cloud, and understand career in cloud, in simple, easy, and fun stories!If you like this video, you can find more from my channel “Simple ‘it’ Story Shows” on cloud services, resources, and IT works. Yes, Cloud is complicated. But you can understand "it", one story at a time, and have fun! 😀 https://www.youtube.com/channel/UC1bu...
Information Week recently invited C2C Global President Josh Berman (@josh.berman) to contribute an article about the shared roles of businesses and cloud service providers in ensuring cloud security. For broader perspective on this critical topic, Berman spoke with Paul Lewis, CTO of Pythian, a C2C Foundational Platinum Partner and Google Cloud Premier Partner, about the nuanced distinction between “Security of the Cloud” and “Security in the Cloud.”Read more about it in the following article:
Login to the community
Social LoginLogin With Your C2C Credentials
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.