Identity and Security | C2C Community

Identity and Security

Detect, investigate, and protect against threats with security best practices for cloud, on-premises, or hybrid deployments.

  • 71 Topics
  • 54 Replies

71 Topics

malamin
malaminModerator
posted in Identity and Security

Google Cloud and Chronicle help BBVA imagine new security use cases

BBVA, a Spanish multinational financial services company based in Madrid and Bilbao, Spain, is one of the largest financial institutions in the world. They partnered with Google Cloud and Chronicle to augment their homegrown security operations platform, allowing them to digest more data and extend threat detection and response use cases into the cloud. Click on the video below to watch it in detail: Extra Credit:Click on the link below to read it more detail:https://f.hubspotusercontent40.net/hubfs/2567647/BBVA_Case_%20Study.pdf

0
malamin
6 months ago
malamin
malaminModerator
posted in Identity and Security

Google + Mandiant: Transforming Security Operations and Incident Response

Only with Google Cloud and Mandiant can you leverage our planet scale analytics to action threat intel from the frontlines - providing you a faster way to detect, investigate, and respond to incidents at scale.Today Thomas Kurian CEO, Google Cloud to share the completion of Google Cloud acquisition of Mandiant, a leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant shares google cloud cybersecurity vision and will join Google Cloud to help organizations improve their threat, incident and exposure management. Combining Google Cloud’s existing security portfolio with Mandiant’s leading cyber threat intelligence will allow Google Cloud to deliver a security operations suite to help enterprises globally stay protected at every stage of the security lifecycle. With the scale of Google’s data processing, novel analytics approaches with AI and machine learning, and a focus on eliminating entire classes of threats, Google Cloud and Mandiant will help or

2
malamin
6 months ago
malamin
malaminModerator
posted in Identity and Security

Protecting Google Applications with Fortinet’s Web & API Security

  Protecting Google Applications with Fortinet’s Web & API SecurityDigital innovation is causing increased risk as cyber threats take advantage of the disruption. Learn about our cloud native SaaS based web application firewall (WAF) that protects web applications and APIs from the OWASP Top 10 threats, zero-day attacks and other application layer attacks. Simple to set up and with in-built AI/ML, the Fortinet WAF automatically adapts to learn and protect your specific application. Click on the video below to watch it in detail:.

3
ilias
C2C Team Member
6 months ago
malamin
malaminModerator
posted in Identity and Security

Troubleshooting group and resource hierarchy permissions

Identity and Access management, or IAM, in Google Cloud gives you precise control over the permissions that users have. In this video, will discuss using the Policy Troubleshooter to investigate group membership and resource hierarchy permissions to understand how you can allow users to access and modify resources.Click on the video below to watch it in detail:  Chapters:0:00 - Intro0:51 - Example permissions in Cloud Storage1:40 - Using the Policy Troubleshooter2:03 - Understanding the resultsExtra Credit :Policy TroubleshooterTroubleshoot IAM permissions → https://goo.gle/3Q6rJw0Full resource names → https://goo.gle/3CVzwKk

0
malamin
6 months ago
Dimitris Petrakis
C2C Team Member
Dimitris PetrakisC2C Team Member
posted in Identity and Security

How to introduce more empathy into security operations

Here is a great podcast of How to introduce more empathy into security operations.

0
Dimitris Petrakis
C2C Team Member
6 months ago
malamin
malaminModerator
posted in Identity and Security

Tips for succeeding with your cloud data security strategy

Do you currently know each location you might store sensitive data? How about the data you collect from customers and partners? If not, you’re not alone. In this video,  Scott Ellis, Product Manager, Google Cloud will cover how Google can help you gain understanding and visibility into what data you are storing, and where it is located - regardless if it’s unstructured data in BigQuery or scanned images in storage. This allows you to take appropriate measures to protect your data, and build a comprehensive data security strategy that adapts as quickly as your data changes. To view it in detail, click on the video below: https://cloudonair.withgoogle.com/events/emea-security-talks/watch?talk=talk7

1
ilias
C2C Team Member
6 months ago
malamin
malaminModerator
posted in Identity and Security

How to get started with network-based threat detection in Google Cloud

How to get started with network-based threat detection in Google Cloud. As more and more applications move to the cloud, network security teams must protect them against an ever-evolving threat landscape. Shielding applications from network-based threats is also one of the most important criteria for regulatory compliance. In this video you will see a live  demonstration of Cloud IDS, our cloud-native, managed, industry-leading  network based threat detection, and how you can integrate its findings into your security operations ecosystems and workflows, including cloud-native SIEM, third party XDR, and SOAR systems.  To view it in detail, click on the video below:  

0
malamin
6 months ago
malamin
malaminModerator
posted in Identity and Security

Creating compliant environments in Google Cloud

​ Creating compliant environments in the cloud doesn’t need to be difficult or force you to compromise on using the latest and most innovative services.  In this video, Bryce Buffaloe, product manager security & compliance, google cloud will show how you can manage requirements for your regulated workloads with just a few clicks. See how you can set controls for where your cloud data is stored and processed, the personnel who are authorized to support your deployment, and who can access cloud resources on a workload-by-workload basis, with seamless platform compatibility between regulated and commercial cloud environments.Click on the video below to watch it in details: ​

0
malamin
6 months ago
malamin
malaminModerator
posted in Identity and Security

Container Security: Building trust in your software supply chain

Whether building an application on Kubernetes, Serverless, or Virtual Machine, end-to-end security is crucial to mitigate the rapid growth in open source software, as well as recent cybersecurity attacks and data breaches. The following video will help you to learn about how you can adopt an in-depth, security-first approach with Google Cloud that embeds security and compliance at every step of your software lifecycle.  1. Secure Software Supply Chain KeynoteSpeaker: Pali Bhat, Eric Brewer, Aparna Sinha, Phil Venables, Brenna Washington, Dustin Ingram, Shane Lawrence They We'll discuss the state of the container security industry, including the lessons you can learn from recent breaches, plus best practices you can implement today to secure the software supply chain and establish trust throughout the delivery process.    2. Lurking in the deep: Control your open source dependenciesSpeaker: Nicky Ringland, Don McCasland Nearly all software depends on open source and other external, thir

0
malamin
6 months ago
malamin
malaminModerator
posted in Identity and Security

5 must-know security and compliance features in Cloud Logging

Cloud loggingCloud Logging is now FedRAMP High certified!As enterprise and public sector cloud adoption continues to accelerate, having an accurate picture of who did what in your cloud environment is important for security and compliance purposes.Logs are critical when you are attempting to detect a breach, investigating ongoing security issues, or performing forensic investigations.These five must-know Cloud Logging security and compliance features can help customers create logs to best conduct security audits.The first three features were launched recently in 2022, while the last two features have been available for some time.  Cloud Logging is a part of Assured Workloads.  Cloud Logging is now FedRAMP High certified. “Manage your own Keys,” also known as customer managed encryption keys (CMEK), can encrypt Cloud Logging log buckets. Setting a high bar for cloud provider transparency with Access Transparency. Track who is accessing your Log data with Access Approval Logs.   

2
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

Easily shift to zero-trust cloud infrastructure protection

Migrating existing workloads or deploying new workloads in the cloud provides the opportunity to improve protection against attacks. Come learn about approaches to defend your network perimeter and prevent lateral movement of threats. Tracy Jiang, Senior project manager, Google Cloud will discuss the unique capabilities of Google Cloud firewalls that can deliver a no-compromise zero-trust posture. She will also discuss how firewall insights and Cloud IDS can monitor for gaps in protection and prevent attacks. Click on the following video to watch it in detail :   Video insights:      

0
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

Achieve zero-trust certificate issuance with CAS

Are you moving your organization from on-premise PKI services to Google Cloud? With Certificate Authority Service (CAS), you can achieve zero-trust policies for secure communication with your CAs. Watch along and learn how CAS provides fully managed, cloud-native CAs for Google Cloud Platform customers in conjunction with VPC Service controls to maintain zero-trust in the cloud.Click on the following video to watch it in detail : 0:00 - Intro0:33 - Today’s on-premise PKI deployments0:54 - Certificate Authority Service (CAS) + Virtual Private Cloud (VPC) SC1:26 - Virtual Private Cloud service controls2:16 - VPC access controls2:57 - What is Access Context Manager (ACM)?3:13 - CAS & VPC SC perimeter example4:51 - Wrap up Extra Credit:Access Context Manager → https://goo.gle/3cfBJ7V Endpoint verification → https://goo.gle/3PdNsTa VPC Service Controls→ https://goo.gle/3aKg5bu

0
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

Announcing Virtual Machine Threat Detection now generally available to Cloud customers

 The Google Cloud team has given hard work on virtual machine scaling the service, refining virtual machine detection capabilities, and preparing google cloud's next major feature set. VMTD in general availability has been scaled to support significantly more frequent scanning across a tremendously large number of instances. Scaling the scanning of memory from the Google Cloud Compute Engine (GCE) fleet has posed unique challenges, and google cloud invested in caching scan results to enable more frequent scans of smaller – but more important – sections of memory.Today Google cloud are announce that their unique, first-to-market detection capability with Virtual Machine Threat Detection (VMTD) in Security Command Center is now generally available for all Google Cloud customers. Follow the link below to read more details: https://cloud.google.com/blog/products/identity-security/introducing-virtual-machine-threat-detection-to-block-critical-threats 

0
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

Announcing curated detections in Chronicle SecOps Suite

A critical component of any security operations team’s job is to deliver high-fidelity detections of potential threats across the breadth of adversary tactics. But increasingly sophisticated threat actors, an expanding attack surface, and an ever-present cybersecurity talent shortage make this task more challenging than ever. Google keeps more people safe online than anyone else. Individuals, businesses and governments globally depend on our products that are secure-by-design and secure-by-default. Part of the “magic” behind Google’s security is the sheer scale of threat intelligence google cloud are able to derive billions of users, browsers, and devices.  Please visit the following link for more details:https://cloud.google.com/blog/products/identity-security/introducing-curated-detections-in-chronicle-secops-suite

0
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

How CISOs need to adapt their mental models for cloud security

To understand the differences between on-premises and cloud cybersecurity mental models, consider the types of threats that each is attempting to block, detect, or investigate. A new article based on the CISOs' mental models for cloud security was written by Seth Rosenblatt, security editor at Google Cloud, and Anton Chuvakin, senior staff consultant at the Office of the CISO. In the article, it was mentioned that many security leaders enter the cloud equipped primarily with on-premises-developed tools, procedures, skills, and, ultimately, mental models of how security functions. By aligning their current mental models with those of the cloud, these issues with cost and efficiency can be resolved. They explain the following important key points in this article: Network security Endpoint security Detection and response  Data security Identity and access management Shared fate for greater trust in cloud security Get ready to go cloud native Please click on the following link t

0
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

Certificate templates for CAS

Want to simplify your policy controls while also making them more specific? In this episode of Certificate Authority Service, we’ll show the other side of policy controls with fine-grained policies, using templates. Watch to learn about templates which allow for defining a set of policy controls that are not tied to a single CaPool. Click on the following video to watch it in detail. Chapters:0:00 - Intro1:23 - Fine grained policies using templates2:20 - Roles needed2:52 - How to create a template3:59 - Wrap up Extra Credit:Creating certificate templates → https://goo.gle/3SVYBu6 Certificate templates → https://goo.gle/3pxiH01 Certificate profiles → https://goo.gle/3pnp8my Configure new CaPool to require using the new template → https://goo.gle/3K5yCwm Create certificates using the new template → https://goo.gle/3QTpDQK  

0
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

How Google Cloud blocked the largest Layer 7 DDoS attack at 46 million rps

An incredible story, proving the point around security and reliability on Google Cloud! Emil Kiner, Senior Product Manager, Cloud Armor, and Satya Konduru Technical Lead at google cloud have described full insight of the report based on the latest Google Cloud blocked the largest Layer 7 DDoS attack at 46 million rps.Click on the following link to read more detail about outstanding google cloud armor action against DDoS attacks. https://cloud.google.com/blog/products/identity-security/how-google-cloud-blocked-largest-layer-7-ddos-attack-at-46-million-rps 

2
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

Google Cloud Security Talks 2022

Join the event “Show-and-Tell” Edition of Google Cloud Security Talks.This Google Security Talks will not just share what you need to know about google portfolio of products, it will show you how to use them. Explore Google cloud latest security products and innovations in a unique and refreshing way: by watching google cloud security experts put the solutions they helped build to the test via hands-on, fast-paced and highly visual demos. Each best-practice session will highlight top use cases for Google’s key security solutions and demonstrate step-by-step instructions for how you can apply these exact same scenarios in your own environment. Don’t just see products in action. Learn how you and your team can extract real value. Join the Google Cloud Security Talks to learn more! *To best accommodate varying schedules, Google Cloud security experts are offering two Security Talks sessions per topic throughout the day. Register for your preferred session time below.* Plus, enjoy a spec

0
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

Fastest Two Minutes in SecOps: Cloud security [Video]

Dave Herrald, senior security strategist at Google Cloud and a former CISO at a payment processes company. How can you succeed in the cloud’s new detection (and response) context, architect a more resilient cloud, keep SOC teams less frustrated and more upbeat, and most of all leverage the cloud to kickstart your security operations transformation? In the below video, Herald boils down a very big conversation—cloud security—into something salient and actionable. Enjoy!   

2
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

[Infographic] Have your SIEM ... and augment it too

How would you feel if you found that you could have your SIEM and also enhance it? For three examples of real-world use scenarios, scroll through the infographic below. If you add Chronicle to your current legacy SIEM, it will help your security operations team scale, be more affordable, and have a stronger reaction. However, replacing a SIEM can sometimes be an expensive endeavour, and every firm is at a different point of its security operations journey. One choice is to "augment" their stack using Chronicle SIEM from Google, which may help you rapidly and inexpensively achieve better security outcomes. What can you truly accomplish with a Chronicle enhancement, beyond the numbers? A new infographic makes three real-world application scenarios easier to understand. Google chronicle defines them in three titles:The “Cover All Your Bases” use case The “Hoarding is Rewarding” use case The “Automation Station” use caseClick on the following link to view the infographic:https://chronicle.

0
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

Report recommendation: Drive existing best practices for security hygiene

The U.S. Department of Homeland Security (DHS) recently announced the results of the first report from the Cyber Safety Review Board (CSRB) on the log4j software library vulnerabilities discovered in late 2021. Google welcomed the opportunity to participate in the development of the CSRB report and share our own experiences responding to this and other incidents. Building on this momentum, today we are going to share Google’s approach to address the log4j report’s recommendations. We see this as an important part of our effort to support others in the industry as we all work together to increase open source security. This includes:  Driving adoption of best practices;  Building a better software ecosystem; and  Making long term investments in digital security.  Together, these efforts demonstrate the steps we take to protect others and reflect our broader commitment to improve security for everyone. Here is the linik to read more details.https://cloud.google.com/blog/products/ident

0
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

Threat Detection, Investigation, and Response in the Google Cloud

A cloud service called Chronicle was developed enabling businesses to privately store, process, and search the enormous volumes of security and network telemetry they produce. It was constructed as a customised layer on top of the basic Google infrastructure. Chronicle normalises, indexes, correlates, and analyses the data to offer immediate insight and context on dangerous conduct.Using data, immediately analyse Google Cloud assists your security operations team in navigating this still developing paradigm by providing best practises and critical answers that will better equip it to deal with threats in the cloud.It contains: A technical primer on what makes cloud security different than on premises How detection and response can be best achieved in the cloud Clarity on who is responsible for detection and response in the cloud, between user and provider Why moving to the cloud is an opportunity to transform how you can achieve your SecOps goals of confidentiality, integrity, and

0
malamin
7 months ago
benedikt
benediktCommunity Member
asked in Identity and Security

Can Google Cloud access data stored in Google Storage when using Google-managed encryption keys?

The Google Cloud documentation is not clear on this. We’ve been trying to understand if Google Cloud can access data stored in Google Storage when using Google-managed encryption keys.If yes, is there a way to restrict such access?

3
malamin
7 months ago
malamin
malaminModerator
posted in Identity and Security

Architecting zero trust networks with GKE and Anthos Service Mesh

Ameer Abbas, Senior Product Manager at Google will discuss about ever-growing risk of network threats and bad actors, many organizations are turning to zero trust networks to ensure that only trusted users and devices are given access. In this session, we’ll discuss what zero trust networks are, what risks they mitigate, and common patterns found in a dynamic microservices environment. To Join this session please check the following link: https://cloudonair.withgoogle.com/events/innovators-architecting-zero-trust-networks 

0
malamin
7 months ago
ilias
C2C Team Member
iliasC2C Team Member
posted in Identity and Security

Security on GCP

Here are the latest updates, products, services and resources from GCP security teams on May:  PSP protocol now open source: In order to better scale the security GCP offer their customers, they created a new cryptographic offload protocol for internal use that they open sourced in May. Intentionally designed to meet the requirements of large-scale data-center traffic, the PSP Protocol is a TLS-like protocol that is transport-independent, enables per-connection security, and is offload-friendly.  Updating Siemplify SOAR: The future of security teams is heading towards “anywhere operations,” and the latest version of Siemplify SOAR can help get us there. It gives organizations the building blocks needed across cloud infrastructure, automation, collaboration, and analytics to accelerate processes for more timely responses and automated workflows. In turn, this can free up teams to focus on more strategic work. Guardrails and governance for Terraform: Popular open-source Infrastruct

4
malamin
8 months ago

Recently Awarded Badges

  • C2C Community Builder - Bronze Level
    LSegurahas earned the badge C2C Community Builder - Bronze Level
  • Google Cloud Startups Conversationalist - Bronze Level
    valdecir.carvalhohas earned the badge Google Cloud Startups Conversationalist - Bronze Level
  • Google Cloud Startups Conversationalist - Bronze Level
    Vickhas earned the badge Google Cloud Startups Conversationalist - Bronze Level
  • Google Cloud Startups Conversationalist - Silver Level
    ScottBeekerhas earned the badge Google Cloud Startups Conversationalist - Silver Level
  • C2C Conversationalist - Bronze Level
    alexandria.johnsonhas earned the badge C2C Conversationalist - Bronze Level
Show all badges
Terms & Conditions