Simplify enterprise threat detection and protection with new Google Cloud security services

RSAC DAY 2 – Intel Inside, Threat Hunting and Dancing around with Friends
March 6, 2019
The service mesh era: Using Istio and Stackdriver to build an SRE service
March 6, 2019

Today’s enterprises face a complex threat environment. Attacks targeting users, networks, sensitive information and communications are increasing in sophistication and scale. Organizations of all sizes need advanced security capabilities that are easy to deploy and manage to help defend against these threats. At Google Cloud, we are constantly looking to bring innovative capabilities to users of our platform, and now, even to organizations who may not be running workloads on our platform.

Introducing the Web Risk API

Today, we’re excited to announce the beta release of Web Risk API, a new Google Cloud service designed to keep your users safe on the web. With a simple API call, client applications can check URLs against Google’s lists of unsafe web resources, including social engineering sites such as phishing and deceptive sites, and sites that host malware or unwanted software. With the Web Risk API, you can quickly identify known bad sites, warn users before they click links in your site that may lead to infected pages, and prevent users from posting links to known malicious pages (for example, adding a malicious URL into a comment) from your site.

The Web Risk API includes data on more than a million unsafe URLs that we keep up-to-date by examining billions of URLs each day, and is powered by the same technology that underpins Google Safe Browsing. Safe Browsing protections work across Google products to help protect over three billion devices every day across the Internet. Our Safe Browsing engineering, product, and operations teams work at the forefront of security research and technology to build systems that protect people from harm, and now, the Web Risk API lets enterprises use this same technology to protect their users.

Protect against DDoS and targeted attacks with Cloud Armor

If you run internet-facing services or apps, you have a tough job: you have to quickly and responsively serve traffic to your end users, while simultaneously protecting against malicious attacks trying to take your services down. Cloud Armor is a Distributed Denial of Service (DDoS) defense and Web Application Firewall (WAF) service for Google Cloud Platform (GCP), and it’s based on the same technologies and global infrastructure that we use to protect services like Search, Gmail and YouTube. Today, we are pleased to announce that Cloud Armor is now generally available, offering L3/L4 DDoS defense as well as IP Allow/Deny capabilities for applications or services behind the Cloud HTTP/S Load Balancer.

The GA release includes a new Cloud Armor dashboard that is available in Stackdriver Monitoring. This flexible dashboard makes it easy to monitor and analyze traffic subject to Cloud Armor protection and lets network admins or Security Operations teams understand the effectiveness of Cloud Armor security policies. Additionally, users can now evaluate and validate the potential impact of proposed rules in preview mode across their whole project or drill down into individual security policies or backend services.

Leave a Reply

Your email address will not be published. Required fields are marked *