YJFX Adopts Red Hat OpenStack Platform to Build Out Customer Service Infrastructure
November 25, 2019
macOS Red Team: Spoofing Privileged Helpers (and Others) to Gain Root
November 25, 2019
Protecting applications exposed to the internet is an increasingly difficult job. Since we launched Google Cloud Armor last December, it has helped enterprises protect themselves and their users with a native solution that protects big and small applications from Distributed Denial of Service (DDoS) and targeted web attacks with custom security policies enforced at the edge of Google’s network, at Google-scale.
Last week, we announced new web-application firewall (WAF) capabilities, now available in beta. With this release, Google Cloud Armor is expanding the scope of protection it provides for securing your applications and other workloads from DDoS and targeted web-based attacks. It can also help you meet compliance requirements from internal security policies as well as external regulatory requirements. Specifically, Google Cloud Armor now lets you create security policies or expand existing ones to enforce:
- Geo-based access controls
- Pre-configured WAF rules, and
- Custom L7 filtering policies using custom rules
Visibility into the usage and effectiveness of security controls as well as the protected applications is essential to security operations. Google Cloud Armor now sends findings to Cloud Security Command Center (Cloud SCC) to alert defenders of potential Layer 7 attacks. This is in addition to the rich set of telemetry that it already sends to Stackdriver Logging and Stackdriver Monitoring.
Google Cloud Armor overview
Google Cloud Armor mitigates DDoS attacks and protects applications from the web’s most common attacks while allowing you to create custom L7 filtering policies to enforce granular access controls on public-facing applications and websites.
Google Cloud Armor is deployed at the edge of Google’s network and tightly coupled with our global load balancing infrastructure. As a result, Google Cloud Armor helps you solve your most pressing application security and compliance needs at any scale, blocking unwelcome or malicious traffic at the edge of the network, far upstream of your VPCs or other infrastructure.
