5 New Google Cloud Security Features To Check Out
Google Cloud announced an array of new capabilities, including in threat detection and attack simulation, in connection with its annual Security Summit.
Sunil Potti
The Latest From Google Cloud
Google Cloud is looking to keep up the momentum on advancing its cybersecurity offerings with the debut of a handful of new capabilities, announced Tuesday in connection with its annual Security Summit. The announcements build on Google Cloud’s unveiling in April of a new generative AI platform, Security AI Workbench, that leverages a security-specific large language model (LLM) from Google, Sec-PaLM. “The way we’ve approached AI — in particular inside security —is to not look at it as a chatbot that is overlaid on our products,” said Sunil Potti, vice president and general manager for Google Cloud’s security business, during a briefing with reporters. “The core thing we’re trying to do is to infuse AI into every workflow in our security tooling, so that we can get that power of generative AI to be a force multiplier across all things security.”
[Related: Accenture Doubles Down On Google Cloud Security With New Managed Service]
The new security features announced Tuesday by Google Cloud include the introduction of new threat detection, investigation and response (TDIR) capabilities within the company’s Chronicle Security Operations platform; attack path simulation in the company’s Security Command Center; a Secure Web Proxy service; and other new capabilities.
What follows are five new Google Cloud security features to know about.
Chronicle TDIR For Google Cloud
As part of its annual Security Summit, Google Cloud announced what it’s calling a major advancement on cloud security by introducing threat detection, investigation and response (TDIR) for its public cloud platform. The TDIR capabilities for Google Cloud will be available as part of the company’s platform for cybersecurity teams, Chronicle Security Operations. The company said that the platform now offers “turnkey” TDIR for securing Google Cloud environments.
Key capabilities include simplified ingestion of cloud telemetry; “out-of-the-box” detection rule sets that eliminate the need to create detection rules; “cloud-specific context” that has been correlated with other data from an organization’s environment to accelerate investigation efforts; and automated response actions.
The new capabilities are made possible by Google Cloud’s integration of its Security Command Center Premium offering and the company’s own telemetry, Google Cloud said. Benefits of the integration include “high fidelity, contextualized alerts that quickly give insight into potential threats in your Google Cloud environment,” the company said.
Attack Path Simulation
For its Security Command Center platform, Google Cloud said it is now introducing a new tool that can help to proactively address threats in a cloud environment. The new attack path simulation capability can automatically analyze a Google Cloud environment to identify the most likely places for an attacker to target.
The attack path simulation tool leverages continuous scans performed by Security Command Center, which provide “near real-time” data about vulnerabilities and cloud resources. The simulation engine can then “automatically generate and render high-risk attack paths, without the hands-on toil of having to repeatedly run manual queries,” Google Cloud said.
Secure Web Proxy
At Google Cloud’s Security Summit, the company announced that its Secure Web Proxy offering is now generally available. The network security tool offers web egress traffic inspection as well as capabilities for protection and control of network traffic, Google Cloud said. Advantages of the offering for networking and security teams include enabling the implementation of zero trust security principles with networking, as well as discovery of malicious activities and support for investigations following an attack, the company said.
Fraud Prevention
Google Cloud also announced a new capability for improved securing of financial transactions on websites and apps. The “dedicated” fraud prevention capability for the company’s reCAPTCHA Enterprise offering aims to prevent fraud through “holistic” bot management, as well as prevention of account takeover. The reCAPTCHA Enterprise Fraud Prevention can “help protect payment transactions by identifying targeted manual attacks and large-scale fraud attempts,” Google Cloud said.
API Abuse Detection
As part of its Apigee API management platform, Google Cloud announced that it now offers “advanced” API security capabilities for detection of misconfigurations and other threats. The new Apigee API abuse detection feature, which is now in public preview, offers a dashboard that utilizes machine learning models trained on “a large corpus of API traffic,” which are also used to protect other Google services.