The latest Google Cloud Security enhancements were touted by the company during a Google Cloud Security Talks webcast Nov. 20.
In the first presentation, “Latest Security Updates,” Robert Sadowski, Trust and Security Marketing lead at Google Cloud, pointed out that there are three areas of focus and investment by the company when it comes to security: Security of our cloud, security in our cloud and security anywhere.
Recent compliance additions made by the company included TISAX certification for the auto industry in Europe, FINMA certification for financial institutions in Switzerland and HDS certification to process health care data in France, he said. In the U.S., the company added documentation for NIST 800-34 and an authorization to host DISA Information Level (IL) 2 information, he added.
“Our list of assets continues to grow every quarter,” he told viewers.
Meanwhile, Google Cloud users now have a new option for managing encryption on the platform: the External Key Manager service, which he said protects your data in Google Cloud with encryption keys stored in a key management system of your choice.
The company also recently added some encryption capabilities for the Google Kubernetes Engine, he noted. For instance, secrets can now be stored at the application layer with envelope encryption, he said. “Also new, in beta, is the option to use customer-managed encryption keys for persistent disks in GKE,” he pointed out.
“Security Health Analytics and Event Threat Detection will be bundled in a Premium Edition, along with other new capabilities in Cloud Security Command Center to help you meet industry compliance requirements, catch web application vulnerabilities and detect even more types of threats,” he said.
Event Threat Detection helps “detect some of the most common cloud threats, including malware, cryptomining,” phishing, IAM abuse, outgoing DDoS attacks, leaked credentials, hijacked accounts and compromised machines, he said.
The Premium Edition of Cloud Security Command Center “will give you a comprehensive, easy-to-deploy set of tools to protect your cloud resources,” he said.
Updates in network security, meanwhile, include Packet Mirroring, which he explained “allows you to troubleshoot your existing VPCs by collecting and inspecting network traffic at scale.” That, he said, “enables intrusion detection, application performance monitoring and other security controls.”
The company also recently introduced web application firewall capabilities for its Cloud Armor network protection service on Google Cloud Platform, he said, explaining: “These out-of-the-box rules defend against OWASP top 10 risks such as cross-site scripting and SQL injection” attacks. “In addition to predefined rules, you can now create your own custom rules using any combination of L3 through L7 parameters, including geolocation,” he said, adding: “This helps you protect your apps from targeted or distributed attacks.”