All the Security Updates - Google Cloud Next 21 - Cloud Security News
10/20/21 • 5 min
Cloud Security News this week 20 October 2021
- Google Cloud is adding new features to their zero trust access solution, BeyondCorp Enterprise which will enable identity and context-aware access to non-web applications running in Google Cloud and non-Google Cloud environments. They also claim to be making it easier for admins to diagnose access failure, triage events, and unblock users with the new Policy Troubleshooter feature.
- If you are familiar with XDR - which allows for Extended Detection and Response (XDR) across endpoints, networks, cloud and workspaces. Google also announced a new collaboration with Cybereason to deliver a cloud-native XDR solution . The intent is to automate prevention for common attacks, guide analysts through security operations and incident response, and enables arguably faster threat hunting.
- They are also enhancing the integration between Chronicle (a SaaS SIEM built on core Google infrastructure that provides security analytics at the speed) and Security Command Center (SCC) on GCP to allow for centralized alerts and investigative workflows across the two platforms, and enables threat-specific pivots by enriching SCC alerts with intelligence on associated threat actors and entities.
- Google is also strengthening their protection of sensitive data through Automatic DLP (data loss prevention) which is in preview and ensuring encryption of data in transit using Ubiquitous Data Encryption, External Key Management, and Cloud Storage products.
- Google launched a new Build Integrity feature for Cloud Build which allows to automatically generates a verifiable build manifest that includes a signed certificate describing the sources that went into the build, the hashes of artifacts used, and other parameters.
- For Google Workspaces they have also introduced new security features.
Episode Show Notes on Cloud Security Podcast Website.
Podcast Twitter - Cloud Security Podcast (@CloudSecPod)
Instagram - Cloud Security News
If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:
Cloud Security News this week 20 October 2021
- Google Cloud is adding new features to their zero trust access solution, BeyondCorp Enterprise which will enable identity and context-aware access to non-web applications running in Google Cloud and non-Google Cloud environments. They also claim to be making it easier for admins to diagnose access failure, triage events, and unblock users with the new Policy Troubleshooter feature.
- If you are familiar with XDR - which allows for Extended Detection and Response (XDR) across endpoints, networks, cloud and workspaces. Google also announced a new collaboration with Cybereason to deliver a cloud-native XDR solution . The intent is to automate prevention for common attacks, guide analysts through security operations and incident response, and enables arguably faster threat hunting.
- They are also enhancing the integration between Chronicle (a SaaS SIEM built on core Google infrastructure that provides security analytics at the speed) and Security Command Center (SCC) on GCP to allow for centralized alerts and investigative workflows across the two platforms, and enables threat-specific pivots by enriching SCC alerts with intelligence on associated threat actors and entities.
- Google is also strengthening their protection of sensitive data through Automatic DLP (data loss prevention) which is in preview and ensuring encryption of data in transit using Ubiquitous Data Encryption, External Key Management, and Cloud Storage products.
- Google launched a new Build Integrity feature for Cloud Build which allows to automatically generates a verifiable build manifest that includes a signed certificate describing the sources that went into the build, the hashes of artifacts used, and other parameters.
- For Google Workspaces they have also introduced new security features.
Episode Show Notes on Cloud Security Podcast Website.
Podcast Twitter - Cloud Security Podcast (@CloudSecPod)
Instagram - Cloud Security News
If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:
Previous Episode
What is Cloud Native Application Protection Platform - CNAPP Explained!
In this episode of the Virtual Coffee with Ashish edition, we spoke with Om Moolchandani (@omaitrika) is a CISO and CTO at Accurics (@AccuricsSec)..
Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Twitter: Om Moolchandani (@omaitrika)
Podcast Twitter - Cloud Security Podcast (@CloudSecPod)
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our YouTube Channel:
Next Episode
Talks not to be missed at Kubecon North America 2021 - Cloud Security News
Cloud Security News this week 21 October 2021
It's a month full of conferences and as promised we are back with our 2nd episode this week to bring you the cloud security highlights from KubeCon. In this episode we will share some of our team’s favourite from Kubecon 2021 North America
If you aren't quite familiar with the wonderful world of Kubernetes, there are a few weird and wonderful open source acronyms in today’s episode. TUF refers to The Update Framework, SPIFFE refers to Secure Production Identity Framework for Everyone SPIFFE, SPIRE is the SPIFFE’s Runtime Environment). Now that we are all across cool Kube words - lets into the talks
- Starting off with the talk from Andrew Martin, Co-Founder of Control Plane and Author of Hacking Kubernetes and Kubernetes Threat Modelling. He spoke about Kubernetes Supply Chain Security - he showcased work to build a Kubernetes Software Factory with Tekton and Deep dived on signing and verification approaches to securely build software with (TUF) SPIFFE, SPIRE and sigstore
- Ian Coldwater from Twilio; Brad Geesaman & Rory McCune from Aqua Security Duffie Cooley from Isovalent combined forces to share with the community how they do security research or hacking Kubenetes clusters using a recently discovered Kubernetes CVE (Common Vulnerability and exposure) - Their talk was called Exploiting a Slightly Peculiar Volume Configuration with SIG-Honk
- Matt Jarvis from Synk shared what to do if your container has a huge number of Vulnerabilities - how to prioritise them and remediate them in his talk My Container Image has 500 Vulnerabilities, Now What?
- Talking about containers and Vulnerability scanning If you want to know about how vulnerability scanners work, their blind spots and how to implement a practical risk based approach to remedy vulnerabilities that really matter to your organisation - check out Pushkar Joglekar’s Keeping Up with the CVEs: How to Find a Needle in a Haystack?
- If you find yourself asking “How do I access my S3 bucket in AWS from my GCP cluster?” Brandon Lum & Mariusz Sabath, IBM may have the answer for you in their talk Untangling the Multi-Cloud Identity and Access Problem With SPIFFE Tornjak where they talk about a proposed shift in the perspective of workload identity from being “platform specific” to “organization wide” using SPIFFE/SPIRE and the new SPIFFE Tornjak project.
Episode Show Notes on Cloud Security Podcast Website.
Podcast Twitter - Cloud Security Podcast (@CloudSecPod)
Instagram - Cloud Security News
If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/cloud-security-podcast-175178/all-the-security-updates-google-cloud-next-21-cloud-security-news-17114721"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to all the security updates - google cloud next 21 - cloud security news on goodpods" style="width: 225px" /> </a>
Copy