Google Cloud unveils new security features focused on convergence

Google LLC today announced several new security features and capabilities at its annual Google Cloud Security Summit, which aims to “reimagine cybersecurity through the power of convergence.”

Convergence was a key theme at the annual conference, with Google intentionally selecting strategic capabilities that could have the greatest impact on security posture and programs. These capabilities relate to managing a platform with core security functions of detection, investigation, and response, along with risk management in places where business-critical applications and data increasingly reside.

Google provided a detailed explanation of the broader market and how Google Security Operations facilitates things like hackathons and new processes to help build a strong security foundation, with the addition of AI. More specifically, Google announced three major new capabilities — Mandiant Custom Threat Hunt, new Security Command Center capabilities, and Chrome Enterprise Premium updates.

Mandiant Custom Threat Hunt provides real-time threat hunting capabilities to complement managed detection and response services. The service, which can also be used to complement insider threat hunting programs, helps organizations discover current and past threat actor activity in their environment while improving their ability to detect future threats.

New Security Command Center capabilities announced at the conference include the ability to detect never-before-seen toxic groups that create vulnerabilities and allow access to valuable resources. With the update, the Security Command Center finds toxic groups using what Google calls “virtual red teaming.” It continuously simulates a determined attacker trying to infiltrate cloud defenses by trying millions of attack configurations against a digital twin model of a given cloud environment to find potential attack paths.

The new SCC update is also designed to advance multi-cloud infrastructure rights management capabilities to help customers manage cloud identities and maintain a minimum privilege access model.

The third major announcement, Chrome Enterprise Premium updates, includes new capabilities in Chrome Enterprise Premium. They enable users to get faster and easier protection with pay-as-you-go pricing, protect data with watermarks, gain greater visibility into browsing activity with browser history URL filtering, and view Chrome Security Insights for a more granular understanding of threats.

The summit also announced a range of new controls and capabilities that have been created to help strengthen the regulatory security posture and ensure compliance.

For identity access and management, the now-introduced Privileged Access Manager enforces the principle of minimum privileges through time-bound, time-based, and approval-based access levels for highly privileged users. Meanwhile, the Master Access Limit allows managers to define authorized resource groups regardless of existing identity and access management policies.

Certificate-based access is now generally available, using the TLS protocol to bind user credentials to the device certificate, and Workforce Identity Federation with Microsoft Entra ID enables single sign-on access to Google BigQuery from Microsoft Power BI without requiring user or group provisioning in Google Cloud. Additionally, VPC service controls now support private IP, allowing authorized traffic from specific internal networks or on-premises environments to access protected cloud resources.

To secure data, Google has announced new VM Confidential options in preview. They protect data and applications in use with hardware-based memory encryption.

Meanwhile, AMD SEV-SNP, now generally available on N2D devices and in preview on C3D models, enhances data confidentiality and integrity with robust memory integrity and hardware-based remote verification. Additionally, Cloud HSM Key Access Justifications, now available in preview with Assured Workloads, provides transparency into Cloud HSM-based access and key justifications.

Image: Google Cloud Security