Identity and Security
Detect, investigate, and protect against threats with security best practices for cloud, on-premises, or hybrid deployments.
- 71 Topics
- 54 Replies
Google Cloud and Chronicle help BBVA imagine new security use cases
BBVA, a Spanish multinational financial services company based in Madrid and Bilbao, Spain, is one of the largest financial institutions in the world. They partnered with Google Cloud and Chronicle to augment their homegrown security operations platform, allowing them to digest more data and extend threat detection and response use cases into the cloud. Click on the video below to watch it in detail: Extra Credit: Click on the link below to read it in more detail: https://f.hubspotusercontent40.net/hubfs/2567647/BBVA_Case_%20Study.pdf
Google + Mandiant: Transforming Security Operations and Incident Response
Only with Google Cloud and Mandiant can you leverage our planet-scale analytics to action threat intel from the frontlines - providing you a faster way to detect, investigate, and respond to incidents at scale. Today Thomas Kurian, CEO, Google Cloud, shared the completion of Google Cloud's acquisition of Mandiant, a leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant shares Google Cloud's cybersecurity vision and will join Google Cloud to help organizations improve their threat, incident and exposure management. Combining Google Cloud’s existing security portfolio with Mandiant’s leading cyber threat intelligence will allow Google Cloud to deliver a security operations suite to help enterprises globally stay protected at every stage of the security lifecycle. With the scale of Google’s data processing, novel analytics approaches with AI and machine learning, and a focus on eliminating entire classes of threats, Google Cloud and Mandiant will help or
Protecting Google Applications with Fortinet’s Web & API Security
Digital innovation is causing increased risk as cyber threats take advantage of the disruption. Learn about our cloud-native, SaaS-based web application firewall (WAF) that protects web applications and APIs from the OWASP Top 10 threats, zero-day attacks and other application layer attacks. Simple to set up and with in-built AI/ML, the Fortinet WAF automatically adapts to learn and protect your specific application. Click on the video below to watch it in detail:
Troubleshooting group and resource hierarchy permissions
Identity and Access Management, or IAM, in Google Cloud gives you precise control over the permissions that users have. In this video, we will discuss using the Policy Troubleshooter to investigate group membership and resource hierarchy permissions to understand how you can allow users to access and modify resources. Click on the video below to watch it in detail:
Chapters:
- 0:00 - Intro
- 0:51 - Example permissions in Cloud Storage
- 1:40 - Using the Policy Troubleshooter
- 2:03 - Understanding the results
Extra Credit:
- Policy Troubleshooter
- Troubleshoot IAM permissions → https://goo.gle/3Q6rJw0
- Full resource names → https://goo.gle/3CVzwKk
Tips for succeeding with your cloud data security strategy
Do you currently know each location you might store sensitive data? How about the data you collect from customers and partners? If not, you’re not alone. In this video, Scott Ellis, Product Manager, Google Cloud will cover how Google can help you gain understanding and visibility into what data you are storing, and where it is located - regardless if it’s unstructured data in BigQuery or scanned images in storage. This allows you to take appropriate measures to protect your data, and build a comprehensive data security strategy that adapts as quickly as your data changes. To view it in detail, click on the video below: https://cloudonair.withgoogle.com/events/emea-security-talks/watch?talk=talk7
How to get started with network-based threat detection in Google Cloud
As more and more applications move to the cloud, network security teams must protect them against an ever-evolving threat landscape. Shielding applications from network-based threats is also one of the most important criteria for regulatory compliance. In this video you will see a live demonstration of Cloud IDS, our cloud-native, managed, industry-leading network based threat detection, and how you can integrate its findings into your security operations ecosystems and workflows, including cloud-native SIEM, third party XDR, and SOAR systems. To view it in detail, click on the video below:
Creating compliant environments in Google Cloud
Creating compliant environments in the cloud doesn’t need to be difficult or force you to compromise on using the latest and most innovative services. In this video, Bryce Buffaloe, Product Manager, Security & Compliance, Google Cloud, will show how you can manage requirements for your regulated workloads with just a few clicks. See how you can set controls for where your cloud data is stored and processed, the personnel who are authorized to support your deployment, and who can access cloud resources on a workload-by-workload basis, with seamless platform compatibility between regulated and commercial cloud environments. Click on the video below to watch it in detail:
Container Security: Building trust in your software supply chain
Whether building an application on Kubernetes, Serverless, or Virtual Machine, end-to-end security is crucial to mitigate the rapid growth in open source software, as well as recent cybersecurity attacks and data breaches. The following video will help you to learn about how you can adopt an in-depth, security-first approach with Google Cloud that embeds security and compliance at every step of your software lifecycle.
1. Secure Software Supply Chain Keynote
Speaker: Pali Bhat, Eric Brewer, Aparna Sinha, Phil Venables, Brenna Washington, Dustin Ingram, Shane Lawrence
We'll discuss the state of the container security industry, including the lessons you can learn from recent breaches, plus best practices you can implement today to secure the software supply chain and establish trust throughout the delivery process.
2. Lurking in the deep: Control your open source dependencies
Speaker: Nicky Ringland, Don McCasland
Nearly all software depends on open source and other external, thir
5 must-know security and compliance features in Cloud Logging
Cloud Logging is now FedRAMP High certified! As enterprise and public sector cloud adoption continues to accelerate, having an accurate picture of who did what in your cloud environment is important for security and compliance purposes. Logs are critical when you are attempting to detect a breach, investigating ongoing security issues, or performing forensic investigations. These five must-know Cloud Logging security and compliance features can help customers create logs to best conduct security audits. The first three features were launched recently in 2022, while the last two features have been available for some time.
- Cloud Logging is a part of Assured Workloads.
- Cloud Logging is now FedRAMP High certified.
- “Manage your own Keys,” also known as customer managed encryption keys (CMEK), can encrypt Cloud Logging log buckets.
- Setting a high bar for cloud provider transparency with Access Transparency.
- Track who is accessing your Log data with Access Approval Logs.
Easily shift to zero-trust cloud infrastructure protection
Migrating existing workloads or deploying new workloads in the cloud provides the opportunity to improve protection against attacks. Come learn about approaches to defend your network perimeter and prevent lateral movement of threats. Tracy Jiang, Senior Project Manager, Google Cloud, will discuss the unique capabilities of Google Cloud firewalls that can deliver a no-compromise zero-trust posture. She will also discuss how firewall insights and Cloud IDS can monitor for gaps in protection and prevent attacks. Click on the following video to watch it in detail: Video insights:
Achieve zero-trust certificate issuance with CAS
Are you moving your organization from on-premise PKI services to Google Cloud? With Certificate Authority Service (CAS), you can achieve zero-trust policies for secure communication with your CAs. Watch along and learn how CAS provides fully managed, cloud-native CAs for Google Cloud Platform customers in conjunction with VPC Service Controls to maintain zero-trust in the cloud. Click on the following video to watch it in detail:
- 0:00 - Intro
- 0:33 - Today’s on-premise PKI deployments
- 0:54 - Certificate Authority Service (CAS) + Virtual Private Cloud (VPC) SC
- 1:26 - Virtual Private Cloud service controls
- 2:16 - VPC access controls
- 2:57 - What is Access Context Manager (ACM)?
- 3:13 - CAS & VPC SC perimeter example
- 4:51 - Wrap up
Extra Credit:
- Access Context Manager → https://goo.gle/3cfBJ7V
- Endpoint verification → https://goo.gle/3PdNsTa
- VPC Service Controls → https://goo.gle/3aKg5bu
Announcing Virtual Machine Threat Detection now generally available to Cloud customers
The Google Cloud team has been hard at work scaling the service, refining virtual machine detection capabilities, and preparing Google Cloud's next major feature set. VMTD in general availability has been scaled to support significantly more frequent scanning across a tremendously large number of instances. Scaling the scanning of memory from the Google Cloud Compute Engine (GCE) fleet has posed unique challenges, and Google Cloud invested in caching scan results to enable more frequent scans of smaller – but more important – sections of memory. Today Google Cloud is announcing that its unique, first-to-market detection capability with Virtual Machine Threat Detection (VMTD) in Security Command Center is now generally available for all Google Cloud customers. Follow the link below to read more details: https://cloud.google.com/blog/products/identity-security/introducing-virtual-machine-threat-detection-to-block-critical-threats
Announcing curated detections in Chronicle SecOps Suite
A critical component of any security operations team’s job is to deliver high-fidelity detections of potential threats across the breadth of adversary tactics. But increasingly sophisticated threat actors, an expanding attack surface, and an ever-present cybersecurity talent shortage make this task more challenging than ever. Google keeps more people safe online than anyone else. Individuals, businesses and governments globally depend on our products that are secure-by-design and secure-by-default. Part of the “magic” behind Google’s security is the sheer scale of threat intelligence Google Cloud is able to derive from billions of users, browsers, and devices. Please visit the following link for more details: https://cloud.google.com/blog/products/identity-security/introducing-curated-detections-in-chronicle-secops-suite
How CISOs need to adapt their mental models for cloud security
To understand the differences between on-premises and cloud cybersecurity mental models, consider the types of threats that each is attempting to block, detect, or investigate. A new article based on the CISOs' mental models for cloud security was written by Seth Rosenblatt, security editor at Google Cloud, and Anton Chuvakin, senior staff consultant at the Office of the CISO. In the article, it was mentioned that many security leaders enter the cloud equipped primarily with on-premises-developed tools, procedures, skills, and, ultimately, mental models of how security functions. By aligning their current mental models with those of the cloud, these issues with cost and efficiency can be resolved. They explain the following important key points in this article:
- Network security
- Endpoint security
- Detection and response
- Data security
- Identity and access management
- Shared fate for greater trust in cloud security
- Get ready to go cloud native
Please click on the following link t
Certificate templates for CAS
Want to simplify your policy controls while also making them more specific? In this episode of Certificate Authority Service, we’ll show the other side of policy controls with fine-grained policies, using templates. Watch to learn about templates which allow for defining a set of policy controls that are not tied to a single CaPool. Click on the following video to watch it in detail.
Chapters:
- 0:00 - Intro
- 1:23 - Fine grained policies using templates
- 2:20 - Roles needed
- 2:52 - How to create a template
- 3:59 - Wrap up
Extra Credit:
- Creating certificate templates → https://goo.gle/3SVYBu6
- Certificate templates → https://goo.gle/3pxiH01
- Certificate profiles → https://goo.gle/3pnp8my
- Configure new CaPool to require using the new template → https://goo.gle/3K5yCwm
- Create certificates using the new template → https://goo.gle/3QTpDQK
How Google Cloud blocked the largest Layer 7 DDoS attack at 46 million rps
An incredible story, proving the point around security and reliability on Google Cloud! Emil Kiner, Senior Product Manager, Cloud Armor, and Satya Konduru, Technical Lead at Google Cloud, have given full insight in the latest report on how Google Cloud blocked the largest Layer 7 DDoS attack at 46 million rps. Click on the following link to read in more detail about the outstanding Google Cloud Armor action against DDoS attacks: https://cloud.google.com/blog/products/identity-security/how-google-cloud-blocked-largest-layer-7-ddos-attack-at-46-million-rps
Google Cloud Security Talks 2022
Join the “Show-and-Tell” Edition of Google Cloud Security Talks. This edition of Google Cloud Security Talks will not just share what you need to know about Google's portfolio of products, it will show you how to use them. Explore Google Cloud's latest security products and innovations in a unique and refreshing way: by watching Google Cloud security experts put the solutions they helped build to the test via hands-on, fast-paced and highly visual demos. Each best-practice session will highlight top use cases for Google’s key security solutions and demonstrate step-by-step instructions for how you can apply these exact same scenarios in your own environment. Don’t just see products in action. Learn how you and your team can extract real value. Join the Google Cloud Security Talks to learn more! *To best accommodate varying schedules, Google Cloud security experts are offering two Security Talks sessions per topic throughout the day. Register for your preferred session time below.* Plus, enjoy a spec
Fastest Two Minutes in SecOps: Cloud security [Video]
Dave Herrald, senior security strategist at Google Cloud and a former CISO at a payment processes company. How can you succeed in the cloud’s new detection (and response) context, architect a more resilient cloud, keep SOC teams less frustrated and more upbeat, and most of all leverage the cloud to kickstart your security operations transformation? In the below video, Herrald boils down a very big conversation—cloud security—into something salient and actionable. Enjoy!
[Infographic] Have your SIEM ... and augment it too
How would you feel if you found that you could have your SIEM and also enhance it? For three examples of real-world use scenarios, scroll through the infographic below. If you add Chronicle to your current legacy SIEM, it will help your security operations team scale, be more affordable, and have a stronger reaction. However, replacing a SIEM can sometimes be an expensive endeavour, and every firm is at a different point of its security operations journey. One choice is to "augment" their stack using Chronicle SIEM from Google, which may help you rapidly and inexpensively achieve better security outcomes. What can you truly accomplish with a Chronicle enhancement, beyond the numbers? A new infographic makes three real-world application scenarios easier to understand. Google Chronicle defines them in three titles:
- The “Cover All Your Bases” use case
- The “Hoarding is Rewarding” use case
- The “Automation Station” use case
Click on the following link to view the infographic: https://chronicle.
Report recommendation: Drive existing best practices for security hygiene
The U.S. Department of Homeland Security (DHS) recently announced the results of the first report from the Cyber Safety Review Board (CSRB) on the log4j software library vulnerabilities discovered in late 2021. Google welcomed the opportunity to participate in the development of the CSRB report and share our own experiences responding to this and other incidents. Building on this momentum, today we are going to share Google’s approach to address the log4j report’s recommendations. We see this as an important part of our effort to support others in the industry as we all work together to increase open source security. This includes: Driving adoption of best practices; Building a better software ecosystem; and Making long term investments in digital security. Together, these efforts demonstrate the steps we take to protect others and reflect our broader commitment to improve security for everyone. Here is the link to read more details. https://cloud.google.com/blog/products/ident
Threat Detection, Investigation, and Response in the Google Cloud
A cloud service called Chronicle was developed to enable businesses to privately store, process, and search the enormous volumes of security and network telemetry they produce. It was constructed as a customised layer on top of the basic Google infrastructure. Chronicle normalises, indexes, correlates, and analyses the data to offer immediate insight and context on dangerous conduct. Using data, immediately analyse Google Cloud assists your security operations team in navigating this still developing paradigm by providing best practises and critical answers that will better equip it to deal with threats in the cloud. It contains:
- A technical primer on what makes cloud security different than on premises
- How detection and response can be best achieved in the cloud
- Clarity on who is responsible for detection and response in the cloud, between user and provider
- Why moving to the cloud is an opportunity to transform how you can achieve your SecOps goals of confidentiality, integrity, and
Can Google Cloud access data stored in Google Storage when using Google-managed encryption keys?
The Google Cloud documentation is not clear on this. We’ve been trying to understand if Google Cloud can access data stored in Google Storage when using Google-managed encryption keys. If yes, is there a way to restrict such access?
Architecting zero trust networks with GKE and Anthos Service Mesh
Ameer Abbas, Senior Product Manager at Google, will discuss the ever-growing risk of network threats and bad actors; many organizations are turning to zero trust networks to ensure that only trusted users and devices are given access. In this session, we’ll discuss what zero trust networks are, what risks they mitigate, and common patterns found in a dynamic microservices environment. To join this session, please check the following link: https://cloudonair.withgoogle.com/events/innovators-architecting-zero-trust-networks
Security on GCP
Here are the latest updates, products, services and resources from GCP security teams in May:
- PSP protocol now open source: In order to better scale the security GCP offers its customers, they created a new cryptographic offload protocol for internal use that they open sourced in May. Intentionally designed to meet the requirements of large-scale data-center traffic, the PSP Protocol is a TLS-like protocol that is transport-independent, enables per-connection security, and is offload-friendly.
- Updating Siemplify SOAR: The future of security teams is heading towards “anywhere operations,” and the latest version of Siemplify SOAR can help get us there. It gives organizations the building blocks needed across cloud infrastructure, automation, collaboration, and analytics to accelerate processes for more timely responses and automated workflows. In turn, this can free up teams to focus on more strategic work.
- Guardrails and governance for Terraform: Popular open-source Infrastruct