Google LLC today announced several new security features and capabilities at its annual Google Cloud Security Summit that are aimed at “reimagining cybersecurity through the power of convergence.”
Convergence was a key theme at the annual conference, with Google intentionally choosing strategic capabilities that can have the largest impact on security posture and programs. Those capabilities are about driving a platform with core security functions of detection, investigation and response, coupled with risk management for where business-critical applications and data increasingly live.
Google detailed the broader market and how Google Security Operations are facilitating things such as hackathons and new processes to help build a strong security foundation, with artificial intelligence thrown in for good measure. More specifically, Google Security announced three main new capabilities — Mandiant Custom Threat Hunt, new security command center capabilities and Chrome Enterprise Premium updates.
Mandiant Custom Threat Hunt offers point-in-time threat hunt capabilities to complement managed detection and response services. The service, which can also be used to supplement in-house threat-hunting programs, helps organizations uncover ongoing and past threat actor activity in their environment while improving their ability to detect future threats.
New Security Command Center capabilities announced at the conference include the ability to surface never-before-seen toxic combinations that create vulnerabilities and allow access to valuable resources. With the update, the SCC finds toxic combinations using what Google is calling “virtual red teaming.” It continuously simulates a determined attacker who attempts to infiltrate cloud defenses by trying millions of attack permutations against a digital twin model of a given cloud environment to find possible attack paths.
The new SCC update is also designed to advance multicloud cloud infrastructure entitlement management capabilities to help customers manage cloud identities and maintain a least privilege access model.
The third significant announcement, Chrome Enterprise Premium updates, includes new capabilities in Chrome Enterprise Premium. They enable users to obtain faster and easier protections with pay-as-you-go pricing, protect data with watermarking, gain greater visibility into browsing activity with URL filtering for browser history, and view Chrome Security Insights for a more nuanced understanding of threats.
Also announced at the summit was a range of new controls and capabilities created to help strengthen organizational security posture and ensure compliance.
For identity access and management, a now-in-preview Privileged Access Manager enforces the principle of least privilege with just-in-time, time-bound and approval-based access elevations for high-privilege users. At the same time, Principal Access Boundary allows defining authorized resource sets for principals regardless of existing IAM policies.
Now generally available, Certificate-Based Access uses mutual TLS to bind user credentials to a device certificate and Workforce Identity Federation with Microsoft Entra ID enables Single-Sign-On to access Google BigQuery from Microsoft Power BI without requiring user or group provisioning in Google Cloud. Additionally, VPC Service Controls now support private IP, allowing authorized traffic from specific internal networks or on-premises environments to access protected cloud resources.
For data security, Google announced new confidential VM options in preview. They protect data and applications in use with hardware-based memory encryption.
Meanwhile, AMD SEV-SNP, now generally available on N2D machines and in preview on C3D instances, enhances data confidentiality and integrity with strong memory integrity and hardware-rooted remote attestation. Additionally, Key Access Justifications for Cloud HSM, now in preview with Assured Workloads, offers access transparency and justifications for Cloud HSM-based keys.