- Last week we shared updates about the Google Cybersecurity Action Team and Work Safer program launched at Day 1 of Google Cloud Next 21. If you missed it, be sure to check out episode from last week
In addition to the Google Cybersecurity Action Team and the Work Safer Program, Google had a few other security updates to share. This episode, we will deep dive into few major cloud security updates at Google Cloud Next 21. As a special treat, we have another episode line up for you tomorrow for updates from Kubecon and HashiConf Conf
Google Cloud is adding new features to their zero trust access solution, BeyondCorp Enterprise which will enable identity and context-aware access to non-web applications running in Google Cloud and non-Google Cloud environments. They also claim to be making it easier for admins to diagnose access failure, triage events, and unblock users with the new Policy Troubleshooter feature.
If you haven’t come across BeyondCorp yet, its Zero Trust cybersecurity framework developed/ modeled by Google that shifts access control from the traditional network perimeter to individual devices and users. The goal for BeyondCorp is to enable users to securely work anytime, anywhere and on any device without having to use a virtual private network, or VPN, to access an organization’s resources.
The addition of the new feature means Google cloud customers who use BeyondCorp enterprise can now authenticate to non-web application using their identity and device, without having to install any form of agent e.g. a VPN agent. All this straight from the Google Admin page where one can define policies for what is allowed and what is prohibited on a company device.
If you are familiar with XDR – which allows for Extended Detection and Response (XDR) across endpoints, networks, cloud and workspaces. Google also announced a new collaboration with Cybereason to deliver a cloud-native XDR solution . The intent is to automate prevention for common attacks, guide analysts through security operations and incident response, and enables arguably faster threat hunting.
They are also enhancing the integration between Chronicle
(a SaaS SIEM built on core Google infrastructure that provides security analytics at the speed) and Security Command Center (SCC) on GCP to allow for centralized alerts and investigative workflows across the two platforms, and enables threat-specific pivots by enriching SCC alerts with intelligence on associated threat actors and entities.
Google is also strengthening their protection of sensitive data through Automatic DLP (data loss prevention) which is in preview and ensuring encryption of data in transit using Ubiquitous Data Encryption, External Key Management, and Cloud Storage products.
If you are a user of Cloud Build, a google service which lets you build, test, and deploy on their serverless CI/CD platform across multiple environments. Google launched a new Build Integrity feature which allows to automatically generates a verifiable build manifest that includes a signed certificate describing the sources that went into the build, the hashes of artifacts used, and other parameters. They also enabled Binary Authorization integration with Cloud Run to ensure only trusted images make it to production
For Google Workspaces they have also introduced new security features. Client-side encryption for Google Meet, in beta, which gives customers direct control of encryption keys and the identity service used to access keys. Data Loss Prevention (DLP) for Google Chat, in beta, which helps prevent sensitive information from leaking outside of your organization.
- In other news Alibaba Cloud is set to open new datacentres in Thailand and South Korea in 2022. The e-commerce giant is the number one cloud computing player in China but has focused on expanding its footprint internationally which now covers markets such as Indonesia, Singapore, Malaysia and more recently, the Philippines. Alibaba also launched a new chip called Yitian 710, to power artificial intelligence applications on Alibaba’s cloud. Cloud computing is seen as a key profit driver for Alibaba over the long term, though it accounts for around 8% of the company’s total revenue at the moment.
- Do you use GitKraken or have you heard about it ? If you havent, its multiplatform graphical user interface (GUI) for Git developed by Axosoft, as an alternative to the command line
Github reported last week that Axosoft notified them regarding a vulnerability in a dependency called keypair which resulted in the GitKraken client generating weak secure shell keys. To remedy this Github revoked all keys generated by these vulnerable versions of the GitKraken client that were in use on GitHub.com, along with other potentially weak keys created by other clients. They also implemented protections to prevent vulnerable versions of GitKraken from adding newly-generated weak keys.