In the fast-moving world of security, Google Cloud continues to constantly update our products and services to help protect your data and your applications. In the second installment of this regular series, let’s dive into what’s new and cooking in Google Cloud Security.
For those of you curious to read the previous installment, we got you covered! 🙂
Updates from Cloud External Key Manager
Whether you keep your secrets on-prem or in the cloud, they need to be well protected. To help protect your External keys, Cloud External Key Manager (EKM) recently launched EKM over VPC that will provide your application with an extra layer of security. You can now use asymmetric keys for signing as EKM recognizes both RSA and Elliptic curve asymmetric keys. EKM also provides an additional Organizational policy level that lets you define what type of key you want to use.
Automatic data risk management for BigQuery using DLP
When you have tons of potentially sensitive data that needs to be analyzed for its risk profile, you can use Automatic Data Loss Prevention (DLP) with BigQuery to reduce the risk of data leaks. With this feature, DLP can be configured to run as a cron job over BigQuery data, which will report the results in a DataStudio dashboard. Automatic sync with DLP also provides insights and risk scores for each table in Chronicle which can then be used for enhancing threat detections.
reCAPTCHA Enterprise – Password leak detection
Passwords are one of the common forms of authentication and password reuse is a big threat to account protection. Never fear – reCAPTCHA Enterprise offers a simple way to verify if your passwords have been compromised. If reCAPTCHA finds out that your password has been leaked, it warns you so that you can secure your account. This feature coupled with Account Defender or multi-factor authentication can help secure your organization better.
Error Remediation with Security Command Center
Security Command Center (SCC) released new finding types that alert customers when SCC is either misconfigured or configured in a way that prevents it from protecting your resources as expected. These findings provide remediation steps to return SCC to an operational state. Learn more and see examples:
What’s up with Cloud Armor?
Cloud Armor helps secure web applications by identifying DDoS and other web attacks. You can now customize the rate-limiting per client using new rule actions. Also, Cloud Armor provides capabilities to detect and manage bot traffic at network and application layers. reCAPTCHA Enterprise for WAFwill help detect and manage bot activity at the network level, whereas Cloud Armor’s Adaptive Protection feature based on machine learning identifies Layer 7 attacks.
GCP Security products <-> MITRE ATT&CK mappings
In our recent studies, we have released a comprehensive mapping between Google Cloud’s native security offerings and MITRE ATT&CK. This can help you choose the products for your security use cases. Read more about the mapping methodology here:
See you in the next installment of #SecurityRoundup!
Cloud BlogRead More