Google Cloud unveils new tools for detecting modern threats
Source: zdnet.com
Google Cloud on Monday announced a series of new security capabilities, including a new way to detect threats with Chronicle’s security analytics platform. The new security tools line up with Google Cloud’s broader efforts to cater to enterprise customers.
Chronicle, a cybersecurity company hatched from Alphabet’s moonshot X unit, was folded into Google Cloud last year. Now, customers using Chronicle’s security analytics platform will be able to detect threats using YARA-L, a new rules language built specifically for modern threats and behaviors.
YARA is a widely used, open source language for writing rules to detect malware. The Chronicle team created this new version to apply to security logs and other telemetry, like EDR data and network traffic. YARA-L (L for logs) allows security analysts to write rules better suited for detecting the types of modern threats described in MITRE ATT&CK (a platform that organizes and categorizes the types of tactics and techniques used by bad actors). The new threat detection offering, Google says, allows for massively scalable, real-time and retroactive rule execution.
Additionally, Chronicle is introducing a new data structure that combines a new data model with the ability to automatically link multiple events into a single timeline. For example, the new data structure could automatically link seemingly disparate actions from an employee — such as receiving an email with a link, logging into a fake web page, and downloading a malware file to their machine. Typically, after a data breach, a security analyst would have to manually collect the logs from each of these three actions and determine if they were related.
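The linking described above, sketched as an added example that is not Chronicle's code or data model: three constructed log sources are normalized to one record shape, grouped by user and host, and reported when the email, login and download steps appear in order. Field names, hosts, the 30-minute window and the function names are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records from three separate log sources (not real telemetry).
EMAIL_LOG = [{"ts": "2020-02-24T09:00:05", "rcpt": "alice@example.com", "url_host": "login.example-sso.test"}]
PROXY_LOG = [
    {"ts": "2020-02-24T09:03:40", "user": "alice", "method": "POST", "host": "login.example-sso.test"},
    {"ts": "2020-02-24T09:04:00", "user": "bob", "method": "GET", "host": "news.example.test"},
]
EDR_LOG = [{"ts": "2020-02-24T09:06:12", "account": "ALICE", "file": "invoice.exe", "src_host": "login.example-sso.test"}]

CHAIN = ["email_link_received", "credentials_posted", "file_downloaded"]

def normalize():
    """Map each source's own field names onto one shape: (time, user, host, action)."""
    events = []
    for e in EMAIL_LOG:
        user = e["rcpt"].split("@")[0].lower()
        events.append((datetime.fromisoformat(e["ts"]), user, e["url_host"], CHAIN[0]))
    for p in PROXY_LOG:
        action = CHAIN[1] if p["method"] == "POST" else "page_viewed"
        events.append((datetime.fromisoformat(p["ts"]), p["user"].lower(), p["host"], action))
    for d in EDR_LOG:
        events.append((datetime.fromisoformat(d["ts"]), d["account"].lower(), d["src_host"], CHAIN[2]))
    return sorted(events)  # chronological order across all sources

def link_timelines(events, window=timedelta(minutes=30)):
    """Group events by (user, host); keep groups showing the full chain, in order, within the window."""
    groups = defaultdict(list)
    for ts, user, host, action in events:
        groups[(user, host)].append((ts, action))
    linked = {}
    for key, items in groups.items():
        in_window = items[-1][0] - items[0][0] <= window
        # Subsequence check: unrelated events between the steps do not break the chain.
        remaining = iter(action for _, action in items)
        if in_window and all(step in remaining for step in CHAIN):
            linked[key] = items
    return linked

if __name__ == "__main__":
    for (user, host), items in link_timelines(normalize()).items():
        print(user, host, [(t.isoformat(), a) for t, a in items])
```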
Palo Alto Networks Cortex XSOAR is the first Google Cloud partner integrating with this new structure.
Google is also bringing into general availability its Web Risk API and reCAPTCHA Enterprise services, which help organizations protect user accounts from fraudulent activities on the web. The reCAPTCHA Enterprise service helps protect against activities like scraping, credential misuse, and automated account creation. Meanwhile, Web Risk API helps an organization identify known bad sites, warn users before they click bad links on the organization’s site, and prevent users from posting links to known malicious pages.
Google Cloud, which recently disclosed its $10 billion annual revenue run rate, has taken other recent steps to strengthen its security capabilities. In December, the business announced new partnerships with cybersecurity firms.