Identity and Security | C2C Community

Identity and Security

Detect, investigate, and protect against threats with security best practices for cloud, on-premises, or hybrid deployments.

  • 80 Topics
  • 58 Replies

80 Topics

ilias
C2C Team Member
iliasC2C Team Member
published in Identity and Security

Introducing the Identity & Security Moderators

Pambos CharalambousUsername:     pambos     Bio:Pambos Charalambous is a seasoned Google Cloud Security professional who is passionate about helping businesses to reduce their overall risk in the Cloud. He enjoys securing Cloud deployments and protecting sensitive data. Pambos is adept at working with senior management to develop and implement security policies, standards and strategies, which cover all aspects of Cloud security, governance and risk management.Company: GFT GroupJob Title: Principal Cloud Architect - GCP  Jerome ChappolardUsername: Jerome at Orca Security      Bio:Jérôme is in charge of Southern Europe at Orca Security . Jérôme has 20+ years of experience in IT and cybersecurity and a go to market approach. Jérôme is a partnership builder to develop new markets, as well as a new tech and disruptive approach lover.Company: Orca SecurityJob Title: Cloud Security Advisor  Philippe RondelUsername: prondel      Bio:Philippe has 25 years experience in Cybersecurity. He Worked

904
Dimitris Petrakis
C2C Team Member
5 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

Google Cloud Security Workshop Series' 23

Learn how to secure your cloud environment with Google Cloud security experts. Google Cloud security experts will teach you how to use cloud-native security technologies to improve your ability to see your assets, find vulnerabilities and configuration errors, identify security risks, detect threats, and meet compliance requirements.Click on the link below to join this workshop. https://rsvp.withgoogle.com/events/google-cloud-security-workshop-series 

0
malamin
Icon
5 days ago
anand81
anand81Newbie
asked in Identity and Security

KMS Key rotation - re-encrypting data.

Hi All,Need help on KMS Key rotation.  Currently,  I have encrypted my 20 TB data in several GCS buckets using key Primary Version - 2 with  90 days key rotation period.After 90 days period, I have to create new key version  - 3 and make it primary and version - 2 to disable. Question is that - Will i am able to encrypt current 20 TB data using new key version -3? if yes, how. What will happen when I disable key version - 2?  Should i am able to encrypt my older encrypted data with key version -3  as  version -2  is disabled now? Do I need to re-encrypt data with key version -3 or on each key rotation?  does it implies any direct/indirect cost to me?

0
anand81
29 days ago
Dimitris Petrakis
C2C Team Member
Dimitris PetrakisC2C Team Member
published in Identity and Security

C2C 2Learn event tomorrow: Software Supply Chain Security: Provenance, Transparency, and Context

Let's talk abut the practical, effective measures you can use to enhance your software supply chain security at tomorrow's event here at C2C - The Google Cloud Customer Community, entitled "Software Supply Chain Security: Provenance, Transparency, and Context" with Mark Chmarny, Product Manager at Google. Mark will illustrate how to implement artifact provenance attestation in your release pipelines and increase the traceability of the components and dependencies used in your software. Using these measures, you will be able to more easily identify any outdated or insecure packages that could be exploited by attackers.We will discuss how to: 👉 Implement artifact provenance attestation in your release pipelines using Supply-chain Levels for Software Artifacts (SLSA)👉 Increase the traceability of the components and dependencies used in your software to enable you to more easily identify any outdated or insecure packages that could be exploited by attackers using a Software Bill of Mater

110
Dimitris Petrakis
C2C Team Member
2 months ago
prondel
Explorer
prondelModerator
posted in Identity and Security

AI to increase Cloud Security

As AI has come into the spotlight and become the topic of much discussion, I wanted to give an update on the many different ways Orca Security is using AI to bring better cloud security. Powered by Orca’s AI, the IAM Policy Optimiser analyzes IAM administrators’ recent usage, and clusters this usage into separate groups according to behavior. Orca calculates the largest security improvements that can be made with the least policy changes, and provides teams with guided remediation steps to reduce IAM risk, as well as suggests a new least-privileged policy to each of the new groups. https://orca.security/resources/blog/securing-identities-and-entitlements-across-multi-cloud-with-orca-ciem/  Artificial Intelligence (AI) plays a crucial role in identifying when there’s an active attack occurring in your cloud environment. AI can process large volumes of data and logs, and in the blink of an eye, perform in-depth contextual analysis to determine when events are significantly anomalous and

0
prondel
Explorer
2 months ago
prondel
Explorer
prondelModerator
posted in Identity and Security

Flaw in Google Cloud Build: Bad.Build

Bad.Build is a critical design flaw discovered by the Orca Research Pod in the Google Cloud Build service that enables attackers to escalate privileges and gain unauthorized access to code repositories and images in Artifact Registry. The flaw presents a significant supply chain risk since it allows attackers to maliciously tamper with application images, which can then infect users and customers when they install the application. As we have seen with the SolarWinds and recent 3CX and MOVEit supply chain attacks, this can have far reaching consequences.We would like to thank Google for working closely with Orca and for quickly addressing one of the discovered issues.Full article with Recommendations: https://orca.security/resources/blog/bad-build-google-cloud-build-potential-supply-chain-attack-vulnerability/

0
prondel
Explorer
2 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

How to migrate sensitive data with confidence using Google Cloud’s CDMC-certified architecture

Google Cloud has released a new solution that has been certified by the Enterprise Data Management Council (EDM Council) as a Cloud Data Management Capabilities (CDMC) Certified Cloud Solution. The solution, which includes Google Cloud's BigQuery and Dataplex Data Catalog, has been validated against CDMC's control framework and can be used by new or existing Google Cloud clients to migrate their sensitive data to the cloud with greater confidence.The CDMC framework provides a set of data management capabilities, standards, and best practices for securing cloud implementations. It was developed and published by EDM Council, which is a global non-profit trade association for advocating data management and analytics. Contributors to the framework include large global enterprises across regulated industries, major cloud service providers, technology service organizations, and advisory firms.The release of this new solution is a significant milestone for Google Cloud and the CDMC framework.

1
KateVysh
Guru
2 months ago
mayurrathi26
mayurrathi26Moderator
posted in Identity and Security

Expanding our Security AI ecosystem at Security Summit 2023

Check out this article on the Cloud Blog:Top of mind at Security Summit 2023 are insights into the evolving threat landscape, and how our innovations, including generative AI-driven capabilities, can help. https://cloud.google.com/blog/products/identity-security/expanding-our-security-ai-ecosystem-at-security-summit-2023

0
mayurrathi26
3 months ago
J
Jerome at Orca securityModerator
posted in Identity and Security

GCP User experience with Visibility and Security, all in compliance

Every month, more than 1 million creators worldwide use Unity’s expansive platform to develop games, create beautiful visual effects, and design everything from electric cars to skyscrapers. The company’s comprehensive suite of solutions makes it easier to create, run, and monetize 2D and 3D content.Unity has long recognized the importance of security not just to protect critical networks and sensitive information, but also to maintain an always-on, undistracted experience for its users. Every millisecond counts for the platform that is used to make 70% of the top 1,000 mobile games globally, and its infrastructure needs to be optimally resilient against downtime and security threats.That’s why Unity selected Google Cloud and partner Orca Security to safeguard cloud workloads, data, and users across multi-cloud development and runtime environments.Let’s take a look at how the partnership between Orca and Google Cloud helps Unity maintain optimal visibility across their IT landscape for

0
J
3 months ago
L
leafNewbie
asked in Identity and Security

Does anyone know how to get Identity Services OAUTH stuff to work with a go web application?

We have several internal apps written in nodejs and those guys figured it out pretty easily. But, the go team and I haven’t been able to get it working with those applications. I’ve looked into it quite a bit and I can see why… the documentation is pretty confusing and there aren’t any good 3rd party HOWTOs that explain it. Doesn’t anyone here know how to get it up and running? I can see that there’s a go library for OAUTH in the Google library, but I can’t find enough documentation to make it work. TIA.

3
stewypunk
Explorer
5 months ago
prondel
Explorer
prondelModerator
posted in Identity and Security

Google Cloud Storage Explorer: Enumerating Google Cloud’s Bucket Access Permissions

It’s easy to overlook inheritance in Google Cloud. Inheritance can give compute engine instances unintentionally more privileges than intended. So when examining permissions for a resource, keep in mind that the resource might have permissions granted to them via inheritance in addition to the permissions they granted directly.In the previous blog post, Lateral Movement in Google Cloud: Abusing the Infamous Default Service Account Misconfiguration, we reviewed some essential Google Cloud components to include service accounts, service account types, roles, and cloud API access scopes to understand how these components can be used to gain lateral movement capabilities.Using the same components mentioned above and different enumeration processes, an attacker can detect which compute engine instances could expose the storage data in its Google Cloud project scope.  Article and demo from Liat Vaknin:https://orca.security/resources/blog/google-cloud-platform-storage-explorer/ Tool from Liat

0
prondel
Explorer
5 months ago
T
thecityforbesNewbie
posted in Identity and Security

How to secure my website from unethical users?

My blog website give the users worldwide news , music and biographies, and I want to secure my site from that users which cause some issues for us.

2
Abdelwaheb
5 months ago
ChrisMitchell
Google Employee
ChrisMitchellGoogle Employee
posted in Identity and Security

Join Google Cloud Security Talks 2023 - March 22!

Hi Google Cloud Identity and Security Community!I wanted to invite you all to our upcoming Google Cloud Security Talks 2023 virtual event on March 22. Our first Security Talks of 2023 is designed to help you better understand threat actors and potential attack vectors, secure your cloud transformation, and detect, investigate and respond to threats faster.Hear from experts and explore the latest threat intel from across Google Cloud’s Threat Analysis Group (TAG), Mandiant and VirusTotal, see what your peers had to say as we review the results of a recent cloud security survey report, and check out all the latest Google Cloud Security product innovations!Check out our agenda, register, and more here --> https://goo.gle/3n1YmlS

0
ChrisMitchell
Google Employee
6 months ago
alexandria.johnson
C2C Team Member
alexandria.johnsonC2C Team Member
posted in Identity and Security

Register Today: Ransomware Recovery with Google, NetApp, and Workspot

A company becomes the victim of ransomware every 11 seconds. Despite billions of dollars spent to thwart ransomware attacks, an astonishing 66% of companies fell victim to these attacks in 2021, according to Sophos's State of Ransomware 2022 report. Organizations must take precautions to stop attacks before they happen, as recovering from ransomware takes a minimum of 30 days. Join speakers from Google Cloud, NetApp, and Workspot as they focus on the impact of ransomware on organizations and how you can improve your storage options!Register today!

0
alexandria.johnson
C2C Team Member
6 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

Craft your Incident Response strategy with tips from top industry experts

 Here is Incident Response strategy with tips from top industry experts. Prepare your defense with these best practices and legal considerations to help reduce the impact of a compromise and rapidly resume your business operations.This webinar will cover:How to gain visibility into your risks Why compliance does not guarantee security The threat profile of a cyber attack including prevention and recovery strategies Insurance measures available to mitigate cyber risk  Legal implications of an attack and steps you can take to prepare for breachesClick on the link below to join this event.Date: 28 March 2023 20:30- 21:30 BSThttps://cloudonair.withgoogle.com/events/develop-your-incident-response-playbook 

0
malamin
Icon
6 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

Google Cloud Security Forum UKI event at Google Office, London.

Join with Google Cloud Security Forum UKI event. Collaborate with a vibrant group of Cyber experts, Developers, Architects and Security Specialists at the Google office.🗓️ Thursday 27th April📍 123 Google Office, SW1W 9SR⏰08:30 am - 18:00 PM💡 Discover cutting edge security trends, tools and techniques used at both Google Cloud and recently acquired Mandiant plus much more!👾 Hackathon... there are prizes!☕ Network & CollaborateJoin this event click on the link below.https://rsvp.withgoogle.com/events/google-cloud-security-forum-27april

0
malamin
Icon
7 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

Google Cloud and Mandiant Present Virtual Lunch and Learn series : Transforming Your Security Operations

 How do you defend against the world’s most advanced threat actors? Join Google Cloud and Mandiant for a lunch and learn series where Google Cloud experts discuss and demo how to transform your security operations center with context and threat intelligence from the frontlines.Format: VirtualDates: This series kicks off March 1st and will run on a bi-weekly basis through June 7th Click on the link below to join this virtual event. https://rsvp.withgoogle.com/events/solution-gtm-lunch-and-learn_ffef14

0
malamin
Icon
7 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

Accenture and Google Cloud Security Framework for Financial Services - Executive summary

It is quite interesting to learn how Financial Service company address their security concern and smoothly deliver the client service.  Here is the Accenture and Google Cloud have developed a technical white paper to address security concerns of Financial Services firms by providing a comprehensive preventative and detective reference framework that indicates how FIs can secure their Google Cloud environment. Read the executive summary to learn how financial services firms can strengthen their operational resilience and address risks.Click on the link below to read it more detail.https://services.google.com/fh/files/emails/agbg_jan_25_exec_summary_fi_tech_whitepaper.pdf

0
malamin
Icon
7 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

Calling all EU cybersecurity founders for Google startup

 Applications for the Google for Startups Growth Academy: Cybersecurity program are now open. The three-month program will begin in April and introduce leading European cybersecurity startups to the best of Google.Click on the link below to read in details.https://blog.google/outreach-initiatives/entrepreneurs/calling-all-eu-cybersecurity-founders/  

1
J
8 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

DDoS defense blow-by-blow: How Google Cloud Armor mitigated the largest DDoS attack reported to date

This June, Cloud Armor detected and mitigated a 46 million request per second DDoS attack against a GCP customer — the largest HTTPS DDoS attack on record. Similar to some of the previously reported record-setting attacks, it appears to have come from the Meris botnet. Hear from the Cloud Armor Product and Engineering team as they talk through an analysis of the attack and mitigation details blow by blow, and learn best practices of how to protect your own environment from DDoS attacks using Cloud Armor. Click on the link below to watch it in detail. Extra credit: 

4
malamin
Icon
8 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

Managed and secure dev environment on Google Cloud

Cloud Workstations gives developers quick access to fast, customizable dev environments anywhere with support for multiple integrated development environments (IDEs). Join Google Cloud partner, JetBrains, and Google Cloud team to learn how Cloud Workstations makes it easy to provide cloud-based IDEs at scale with built-in security mechanisms. In this session, They’ll provide an overview and demo of this managed service, including examining JetBrains IDE integration and a roadmap discussion.It was Original air date: 18 January 2023 17:00You can watch it in details to click on the link below; Or watch on demand to click on the link below.https://cloudonair.withgoogle.com/events/cloud-workstations-multi-ide/ 

0
malamin
Icon
8 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

Women in Security Community Event 2023

Join with Inaugural #WomeninSecurity #Community Event on February 2nd 2023. By celebrating the #women making an impact in #Cybersecurity, this can demonstrate the path to leadership and success for diverse women everywhere in this exciting and expanding field.This event will bring together #women in the cybersecurity fields to network, share insights, collaborate, meet peers, and support each other to actively contribute to the industry.Get ready to start some security-loving conversations! There will be a spectacular keynote speaker, a panel discussion where you will hear from executives in the industry making an impact and much more. You can find the full agenda here.This is not a women only event and is open to all, women and allies!**When:** Thursday, February 2, 2023 14:00 - 21:00 GMT**Where: ** Google UK Office, 6 Pancras Square, Kings Cross, London N1C 4AG UKRegister today and we hope you won’t pass up this opportunity to engage with other cybersecurity customers and Googlers at

0
malamin
Icon
8 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

Solving for software supply chain security

Safeguard everything from people and customers to data and transactions using Google Cloud solutions on the SLSA framework., You can Discover how you can improve security across your software delivery lifecycle. The digital world is seeing an ever increasing rise of cybersecurity threats. Rethinking your organization's security posture means finding ways to identify and protect everything from people and customers to data and transactions.  Click on the link below to join this event. https://cloudonair.withgoogle.com/events/2022-sea-appeco-webinar 

0
malamin
Icon
8 months ago
malamin
Icon
malaminModerator
posted in Identity and Security

Protecting your infrastructure with Google Cloud Armor

Security is an essential element of any cloud service, and everyone wants to know that their information will be safe. Google Cloud Armor can protect your systems from web-based attacks and mitigate distributed denial-of-service (DDoS) attacks. It gives you enterprise-grade defense, whether your application is deployed on Google Cloud, on premise, or in a multicloud architecture. Learn from Google cloud partner Searce how Google Cloud Armor has already helped other customers with security and infrastructure. This webinar is intended for Chief Security Officers, CIOs, CDOs,Security Decision Makers and Security Teams. During the webinar, you’ll have the opportunity to exchange your ideas, concerns and questions with our speakers in the chat.Click on the link below to join this event: https://cloudonair.withgoogle.com/events/protecting-infrastructure-googlecloudarmor 

0
malamin
Icon
8 months ago
dominikkugelmann
Adventurer
dominikkugelmannAdventurer
posted in Identity and Security

Okta Source Code was Hacked

So...it happened again. Okta hacked. https://www.bleepingcomputer.com/news/security/oktas-source-code-stolen-after-github-repositories-hacked/ How does this ☝🏼 affect your risk assessment of Okta (and others)? 🧵

0
dominikkugelmann
Adventurer
9 months ago

Recently Awarded Badges

Show all badges
Terms & Conditions