Connect with us

Hi, what are you looking for?


Cloud Security

Google Launches New Cloud Security Services

Google has introduced a new set of services to provide cloud customers with improved protection from unsafe websites, distributed denial of service (DDoS) attacks, and other threats.

Google has introduced a new set of services to provide cloud customers with improved protection from unsafe websites, distributed denial of service (DDoS) attacks, and other threats.

With the newly introduced Web Risk API, currently in beta, client applications can check URLs against Google’s lists of unsafe web resources, such as phishing and deceptive sites, and sites hosting malware or unwanted software. 

The new Google Cloud service allows organizations to quickly identify known bad sites and warn users that clicking on specific links may lead to risky pages. It can also be used to prevent users from posting links to known malicious pages, Google says

Powered by the same technology as Safe Browsing, Web Risk API leverages data on over a million unsafe URLs that Google maintains by examining billions of links each day, and allows enterprises to leverage the technology to keep their users safe. 

Google also announced the general availability of Cloud Armor, a DDoS defense and Web Application Firewall (WAF) service for the Google Cloud Platform (GCP). 

Based on the same technology used to protect services such as Search, Gmail and YouTube, Cloud Armor delivers L3/L4 DDoS defense, along with IP Allow/Deny capabilities for applications or services behind the Cloud HTTP/S Load Balancer.

The release is accompanied by a new Cloud Armor dashboard in Stackdriver Monitoring to monitor and analyze traffic subject to Cloud Armor protection, while also making it easy for users to evaluate the potential impact of proposed rules on their whole project. 

Advertisement. Scroll to continue reading.

Google also announced the general availability of Cloud HSM, its managed cloud-hosted hardware security module service on GCP, which can protect encryption keys and perform cryptographic operations in FIPS 140-2 Level 3 certified HSMs. 

Meant to protect sensitive workloads while eliminating the hassle of managing an HSM cluster, the service has been available in several locations across the US and is now available for GCP customers in multiple locations in Europe as well.

“Any type of new services offered by the cloud vendors are useful, but there isn’t anything new being offered that was not already on offer by an existing vendor. There are entire markets built around web gateways, DDOS protection, and encryption key management. An evaluation would need to be performed to understand what benefits Google provides already well-established security vendors,” Chris Morales, head of security analytics at Vectra, told SecurityWeek in an emailed comment. 

“I think the biggest problem facing the cloud is ensuring only the right people have access to data stored in cloud workloads. Inside the confines of the enterprise network, misconfigured systems and applications aren’t as susceptible to compromise because there are already other internal controls limiting external access, but even then, these systems are easily compromised by attackers who infiltrate the network. In the cloud, a simple misconfiguration or exposure of system access means there are no defenses in place to stop someone from just taking everything. The potential for misconfiguration of access to cloud workloads is real,” Morales said. 

Related: Google Announces New Security Tools for Cloud Customers

Related: Microsoft Boosts Azure Security With Array of New Tools

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...