Identity and Security

Detect, investigate, and protect against threats with security best practices for cloud, on-premises, or hybrid deployments.

84 Topics
61 Replies

84 Topics

malaminModerator

posted in Identity and Security

Women in Security Community Event 2023

Join with Inaugural #WomeninSecurity #Community Event on February 2nd 2023. By celebrating the #women making an impact in #Cybersecurity, this can demonstrate the path to leadership and success for diverse women everywhere in this exciting and expanding field.This event will bring together #women in the cybersecurity fields to network, share insights, collaborate, meet peers, and support each other to actively contribute to the industry.Get ready to start some security-loving conversations! There will be a spectacular keynote speaker, a panel discussion where you will hear from executives in the industry making an impact and much more. You can find the full agenda here.This is not a women only event and is open to all, women and allies!**When:** Thursday, February 2, 2023 14:00 - 21:00 GMT**Where: ** Google UK Office, 6 Pancras Square, Kings Cross, London N1C 4AG UKRegister today and we hope you won’t pass up this opportunity to engage with other cybersecurity customers and Googlers at

malaminModerator

posted in Identity and Security

Solving for software supply chain security

Safeguard everything from people and customers to data and transactions using Google Cloud solutions on the SLSA framework., You can Discover how you can improve security across your software delivery lifecycle. The digital world is seeing an ever increasing rise of cybersecurity threats. Rethinking your organization's security posture means finding ways to identify and protect everything from people and customers to data and transactions. Click on the link below to join this event. https://cloudonair.withgoogle.com/events/2022-sea-appeco-webinar

malaminModerator

posted in Identity and Security

Protecting your infrastructure with Google Cloud Armor

Security is an essential element of any cloud service, and everyone wants to know that their information will be safe. Google Cloud Armor can protect your systems from web-based attacks and mitigate distributed denial-of-service (DDoS) attacks. It gives you enterprise-grade defense, whether your application is deployed on Google Cloud, on premise, or in a multicloud architecture. Learn from Google cloud partner Searce how Google Cloud Armor has already helped other customers with security and infrastructure. This webinar is intended for Chief Security Officers, CIOs, CDOs,Security Decision Makers and Security Teams. During the webinar, you’ll have the opportunity to exchange your ideas, concerns and questions with our speakers in the chat.Click on the link below to join this event: https://cloudonair.withgoogle.com/events/protecting-infrastructure-googlecloudarmor

dominikkugelmannAdventurer

posted in Identity and Security

Okta Source Code was Hacked

So...it happened again. Okta hacked. https://www.bleepingcomputer.com/news/security/oktas-source-code-stolen-after-github-repositories-hacked/ How does this ☝🏼 affect your risk assessment of Okta (and others)? 🧵

malaminModerator

posted in Identity and Security

Security Bootcamp for Partners

Learn about the latest Security product and solution launches and how best to attach Security to your Google Cloud deals from Google Cloud Security's leaders, Product Managers, and Engineers. This training is technically-focused and this event will cover demos, assessment tools, reference architectures, and much more.Join us on December 12 & December 13Location: Torre Picasso, Plaza Pablo Ruiz Picasso, 1Madrid28020EShttps://rsvp.withgoogle.com/events/security-solutions-bootcamp-for-partners_8661b9

Erika APAC Community MgrExplorer

posted in Identity and Security

Ever wondered what steps you can take to navigate complex security landscape?

Join us on Nov-29 for a chat where we hope to explore trends adding to the security complexity and also what actionable steps to take to validate your security posture. @jasonquek will share his insights. If you caught Jason’s Google Cloud Next presentation. Join us on 29-Nov and continue the conversation! Register here!! https://events.c2cglobal.com/events/details/c2c-events-virtual-presents-managing-complex-multicloud-security-with-anthos/

malaminModerator

posted in Identity and Security

How to configure rules and policies in Google Cloud Armor

Need to maintain a consistent security posture across your Internet-facing applications, but want the flexibility to tweak requirements for applications? Welcome back to Go Deep with Google Cloud Armor, where Debi Cabrera, Developer advocate show you what features are available, how to use them, and how you can leverage them in your environment. Watch to learn how you can configure Cloud Armor policies and rules to secure your applications!Click on the video below to watch it in detail.Chapters:0:00 - Intro1:03 - What this video covers2:03 - How to create a new rule from scratch4:54 - How to clone an existing out-of-the-box rule and modify it to create a new rule7:44 - How to copy a rule or policy and apply it to multiple backends / Rate limiting feature12:46 - How to use a Rule in Preview mode and test a new rule before enabling it / Threat intelligence feature17:35 - Wrap upExtra Credit:You can find Cloud Armor's pre-configured, out of the box WAF rules for the OWASP Top 10 (sourced

ronalgreyNewbie

posted in Identity and Security

Work Space

I want to enhanced the security of my site. And to identify issues in it.

malaminModerator

posted in Identity and Security

How to setup an identity pool in Workforce Identity Federation

Workforce Identity Federation allows you to set up an identity pool to use an external identity provider to authenticate and authorize access to resources within your company's Google Cloud. In this video, Google Cloud developer advocate show how you can set up this identity pool using Workforce Identity Federation. Watch to learn the configuration setups you might use depending on your provider!Click on the video below to watch it in detail. Chapters:0:00 - Intro0:23 - Getting started: Pre-requisites0:42 - Documentation1:51 - Permissions2:08 - Configure the Workforce identity pool2:51 - WIF pool providers3:34 - Create OIDC IDP4:30 - Configure our pool5:51 - Wrap upExtra CreditWorkforce Identity Federation → https://goo.gle/workforce-identity-fe... Documentation: Documentation for Configuring workforce identity federation → https://goo.gle/3zL1Hco Documentation for Configuring WIF with Azure AD → https://goo.gle/3zKCZch Documentation for Configuring WIF with Okta → https://goo.gle/3zFx

malaminModerator

posted in Identity and Security

How to secure your software supply chain from dependencies to deployment

Christoph Grotz, Google Cloud developer advocate discussed about software supply chain security, and how Google Cloud can help improve your end-to-end software supply chain security from dependencies to deploy. No matter where you are on your software supply chain security journey, you will find value in video , and see how our flexible and pluggable tools can get you started today. Click on the video below to watch it in detail:

malaminModerator

posted in Identity and Security

How Exabeam built a cybersecurity platform using Google Cloud and careful planning [Youtube]

Exabeam, a cybersecurity company and leader in SIEM and security analytics, gives customers a cloud-based platform that can help them detect and respond to threats and get a holistic view of the cybersecurity threat landscape. In this video of Data Journeys, Bruno Aziza talks with Sanjay Chaudhary, Vice President of Product Management at Exabeam. Sanjay shares how Exabeam built its newest cybersecurity platform on Google Cloud, organized the teams that support it, and best practices for forecasting and controlling costs.Click on the video below to watch it in detail:

malaminModerator

posted in Identity and Security

Best Practices for Using And Managing Service Accounts

Are you unsure when to use service accounts? Not sure how to grant applications access to Google Cloud Resources? When to use the OAuth consent flow? Then check out this video and learn the best practices for using and managing service accounts. This video also cover how to choose the right authentication method when using a service account based on your use case.Click on the video below to watch it in detail:Chapters:0:00 - Intro0:07 - What are service accounts?0:23 - When to use service accounts?1:23 - OAuth consent flow1:49 - Authentication methods2:53 - Best practices for managing service accounts Best practices for working with service accounts → https://goo.gle/3C11hQO

malaminModerator

posted in Identity and Security

Securely Manage your Unknown Cloud

The modern attack surface requires modern, automated attack surface management to ensure security teams have the visibility they need to keep organizations safe. Join this program on how to manage your unknown cloud. Learn about the integration between Prisma Cloud and Cortex Xpanse to help bring unmanaged cloud assets and users under management. Also get details on the type of information provided by Xpanse, including priority and attribution data, and how to respond to Xpanse alerts regarding newly discovered unmanaged cloud assetsclick on the video below to watch it more details.

malaminModerator

posted in Identity and Security

Google Cloud and Chronicle help BBVA imagine new security use cases

BBVA, a Spanish multinational financial services company based in Madrid and Bilbao, Spain, is one of the largest financial institutions in the world. They partnered with Google Cloud and Chronicle to augment their homegrown security operations platform, allowing them to digest more data and extend threat detection and response use cases into the cloud. Click on the video below to watch it in detail: Extra Credit:Click on the link below to read it more detail:https://f.hubspotusercontent40.net/hubfs/2567647/BBVA_Case_%20Study.pdf

malaminModerator

posted in Identity and Security

Google + Mandiant: Transforming Security Operations and Incident Response

Only with Google Cloud and Mandiant can you leverage our planet scale analytics to action threat intel from the frontlines - providing you a faster way to detect, investigate, and respond to incidents at scale.Today Thomas Kurian CEO, Google Cloud to share the completion of Google Cloud acquisition of Mandiant, a leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant shares google cloud cybersecurity vision and will join Google Cloud to help organizations improve their threat, incident and exposure management. Combining Google Cloud’s existing security portfolio with Mandiant’s leading cyber threat intelligence will allow Google Cloud to deliver a security operations suite to help enterprises globally stay protected at every stage of the security lifecycle. With the scale of Google’s data processing, novel analytics approaches with AI and machine learning, and a focus on eliminating entire classes of threats, Google Cloud and Mandiant will help or

malaminModerator

posted in Identity and Security

Protecting Google Applications with Fortinet’s Web & API Security

Protecting Google Applications with Fortinet’s Web & API SecurityDigital innovation is causing increased risk as cyber threats take advantage of the disruption. Learn about our cloud native SaaS based web application firewall (WAF) that protects web applications and APIs from the OWASP Top 10 threats, zero-day attacks and other application layer attacks. Simple to set up and with in-built AI/ML, the Fortinet WAF automatically adapts to learn and protect your specific application. Click on the video below to watch it in detail:.

malaminModerator

posted in Identity and Security

Troubleshooting group and resource hierarchy permissions

Identity and Access management, or IAM, in Google Cloud gives you precise control over the permissions that users have. In this video, will discuss using the Policy Troubleshooter to investigate group membership and resource hierarchy permissions to understand how you can allow users to access and modify resources.Click on the video below to watch it in detail: Chapters:0:00 - Intro0:51 - Example permissions in Cloud Storage1:40 - Using the Policy Troubleshooter2:03 - Understanding the resultsExtra Credit :Policy TroubleshooterTroubleshoot IAM permissions → https://goo.gle/3Q6rJw0Full resource names → https://goo.gle/3CVzwKk

Dimitris PetrakisC2C Team Member

posted in Identity and Security

How to introduce more empathy into security operations

Here is a great podcast of How to introduce more empathy into security operations.

malaminModerator

posted in Identity and Security

Tips for succeeding with your cloud data security strategy

Do you currently know each location you might store sensitive data? How about the data you collect from customers and partners? If not, you’re not alone. In this video, Scott Ellis, Product Manager, Google Cloud will cover how Google can help you gain understanding and visibility into what data you are storing, and where it is located - regardless if it’s unstructured data in BigQuery or scanned images in storage. This allows you to take appropriate measures to protect your data, and build a comprehensive data security strategy that adapts as quickly as your data changes. To view it in detail, click on the video below: https://cloudonair.withgoogle.com/events/emea-security-talks/watch?talk=talk7

malaminModerator

posted in Identity and Security

How to get started with network-based threat detection in Google Cloud

How to get started with network-based threat detection in Google Cloud. As more and more applications move to the cloud, network security teams must protect them against an ever-evolving threat landscape. Shielding applications from network-based threats is also one of the most important criteria for regulatory compliance. In this video you will see a live demonstration of Cloud IDS, our cloud-native, managed, industry-leading network based threat detection, and how you can integrate its findings into your security operations ecosystems and workflows, including cloud-native SIEM, third party XDR, and SOAR systems. To view it in detail, click on the video below:

malaminModerator

posted in Identity and Security

Creating compliant environments in Google Cloud

Creating compliant environments in the cloud doesn’t need to be difficult or force you to compromise on using the latest and most innovative services. In this video, Bryce Buffaloe, product manager security & compliance, google cloud will show how you can manage requirements for your regulated workloads with just a few clicks. See how you can set controls for where your cloud data is stored and processed, the personnel who are authorized to support your deployment, and who can access cloud resources on a workload-by-workload basis, with seamless platform compatibility between regulated and commercial cloud environments.Click on the video below to watch it in details:

malaminModerator

posted in Identity and Security

Container Security: Building trust in your software supply chain

Whether building an application on Kubernetes, Serverless, or Virtual Machine, end-to-end security is crucial to mitigate the rapid growth in open source software, as well as recent cybersecurity attacks and data breaches. The following video will help you to learn about how you can adopt an in-depth, security-first approach with Google Cloud that embeds security and compliance at every step of your software lifecycle. 1. Secure Software Supply Chain KeynoteSpeaker: Pali Bhat, Eric Brewer, Aparna Sinha, Phil Venables, Brenna Washington, Dustin Ingram, Shane Lawrence They We'll discuss the state of the container security industry, including the lessons you can learn from recent breaches, plus best practices you can implement today to secure the software supply chain and establish trust throughout the delivery process. 2. Lurking in the deep: Control your open source dependenciesSpeaker: Nicky Ringland, Don McCasland Nearly all software depends on open source and other external, thir

malaminModerator

posted in Identity and Security

5 must-know security and compliance features in Cloud Logging

Cloud loggingCloud Logging is now FedRAMP High certified!As enterprise and public sector cloud adoption continues to accelerate, having an accurate picture of who did what in your cloud environment is important for security and compliance purposes.Logs are critical when you are attempting to detect a breach, investigating ongoing security issues, or performing forensic investigations.These five must-know Cloud Logging security and compliance features can help customers create logs to best conduct security audits.The first three features were launched recently in 2022, while the last two features have been available for some time. Cloud Logging is a part of Assured Workloads. Cloud Logging is now FedRAMP High certified. “Manage your own Keys,” also known as customer managed encryption keys (CMEK), can encrypt Cloud Logging log buckets. Setting a high bar for cloud provider transparency with Access Transparency. Track who is accessing your Log data with Access Approval Logs.