The search giant envisions a future in which security technologies are engineered-in, security operations are no longer part of a siloed center, niche security talent gets democratized and shared responsibility evolves to shared fate. To realize its vision, Google Cloud has announced a number of new products and solutions designed to help organizations address their most pressing security challenges.
First off, the company is making its cloud-native, managed intrusion detection system Cloud IDS available to organizations to help them detect malware, spyware, command-and-control attacks and other network-based threats. Cloud IDS is built with advanced threat detection technologies from Palo Alto Networks that make it possible for the system to detect malicious activity with low false positives.
Deployment takes just a few clicks and the service is easy to operate as Google manages scaling, availability and threat detection updates. At the same time, Cloud IDS can also be used with an organization’s existing SIEM and SOAR solutions to gain additional visibility into network threats. In its public preview, Cloud IDS will integrate with the Splunk Cloud Platform, Splunk Enterprise Platform, Exabeam Advanced Analytics, The Devo Platform and Palo Alto Networks’ Cortex XSOAR.
Automatic Security Operations
As modernizing security operations programs to protect against the latest threats is a significant undertaking, Google Cloud has also announced Automatic Security Operations to help guide organizations through this journey.
Automatic Security Operations combines products, integrations, blueprints, technical content and an accelerator program to enable customers to take advantage of the company’s technology stack built on Chronicle and its deep security operations expertise. Google Cloud will also be partnering with BT to bring its Automatic Security Operations solution to the managed security services market.
The company’s cloud-native security analytics platform Chronicle is also getting an upgrade as it now integrates with the company’s Looker and BigQuery platforms. Security teams can now access new Looker-driven dashboards that show high-level insights on ingested events, alerts and a global threat map; an overview of all security telemetry ingested into Chronicle; a granular view into IOC matches detected in Chronicle; detailed insights into triggered detection rules; and insights into sign-in data across their organization.
Finally, Google has announced that it will expand the availability of its Risk Protection Program to all Google Cloud customers in public preview.