Google Cloud is extending its cybersecurity portfolio, and put its recent acquisition of cybersecurity company, Mandiant at the forefront of its security announcements at Google Cloud Next 2022.
“Security Operations are simplified, and shared responsibility evolves to shared fate. Our commitment to you is twofold,” said Thomas Kurian, the chief executive officer (CEO) of Google Cloud. He explained that Google not only provides partners with the technology and infrastructure to secure themselves from cyber attacks, it also gives them the solutions to detect, investigate and respond to threats.
Following are the new security solutions announced this week at Next 22:
Chronicle Security Operations
This new cloud-born software suite is designed to help security teams detect and respond to cyber threats with the speed, scale, and intelligence of Google.
Google says that it will include more incident and exposure management and threat intelligence capabilities in the future, with the acquisition of Mandiant.
Additionally, Google announced that all security operations software will come under the Chronicle brand. The Siemplify brand will be replaced by Chronicle SOAR, and security analytics capabilities of the suite will be named Chronicle SIEM.
Chronicle Security Operations is now available for preview.
Confidential Space
Built on Confidential Computing, Confidential Space allows organizations to maintain confidentiality and control over their data when collaborating with partners by leveraging the hardened version of Container-Optimized OS (COS). Running workloads in a Trusted Execution Environment (TEE), Confidential Space also blocks the workload operator from influencing the workload in any way.
Customers can sign up for the Preview of Confidential Space here.
Software Delivery Shield
This new solution is designed to help customers improve their software supply chain security and includes a modular set of capabilities to help equip developers, DevOps, and security teams with the tools they need to build secure cloud applications.
Cloud Workstations
Google announced Cloud Workstations, a fully managed development environment on Google Cloud that allows developers to access secure, fast, and customizable development environments via a browser, anytime and anywhere. With built-in security measures, Cloud Workstations seeks to address common local development security pain points like code exfiltration, privacy risks, and inconsistent configurations.
Security updates to Google Workspace
- Data loss prevention (DLP) for Google Chat is designed to help admins create custom policies to help prevent sensitive information leaks. Checks and consequent corrective action happen in real time. DLP and content compliance is already available in Gmail, Drive, Docs, Sheets, and Slides and will be rolling out this week for Chat.
- Trust rules in Google Drive, currently in beta, aim to allow for more granular control of internal and external sharing by providing admins more flexibility in establishing collaboration boundaries. This feature will be available later this year
- Client-side encryption (CSE) for Gmail and Google Calendar seeks to give Enterprise Plus and Education Plus/Standard customers complete control over access to their data to address a broad range of data sovereignty and compliance requirements. Client-side encryption is currently available in Drive, Docs, Sheets, Slides and Meet, will be available later this year in Gmail, and in preview for Calendar later this year.
New cybersecurity partnerships and Google Cloud Ready-Sovereign Cloud
The Google Cloud Ready–Sovereign Solutions program seeks to help customers identify partner applications validated to be compatible with Google Cloud’s portfolio of Sovereign Solutions, including partner offerings from T-Systems in Germany and S3NS in France. The program seeks to give customers the confidence to continue using applications that are critical to their business while meeting their digital sovereignty objectives.
More than 20 software companies committed to validate their platforms for this program, including Aiven, Broadcom (Symantec), Cloud Software Group (Citrix), Climate Engine, Commvault, Confluent, Datadog, DataIKU, Dell Technologies, Elastic, Fortinet, Gitlab, Iron Mountain, LumApps, MongoDB, NetApp, OpenText, Palo Alto Networks, Pega Systems, Siemens, SUSE, Thales, Thought Machine, Veeam, and VMware.
Google Cloud also announced that it is partnering with Palo Alto Networks to ensure customers can embrace a ZTNA 2.0 strategy, protecting all users and applications on devices connected across any network.
Finally, Google announced integrations with ForgeRock, JumpCloud, Okta, and Ping Identity to extend identity management capabilities and policies to joint customers.
