3 min Security

Google Cloud aims for a converged security approach

Google Cloud aims for a converged security approach

One word dominated the Google Cloud Security Summit: convergence. A dizzying number of dashboards stands in the way of a clear security approach. Google believes that improved security is only achieved by keeping things simple.

Google Cloud is not introducing a new product at the Security Summit, although it will unveil new features. Above all, the company does not want to continually peddle new solutions. The company believes organizations of all sizes are better served by keeping security software simple. It believes the number of moving parts in such tools needs to go down. How does Google Cloud reach that point?

Through the entire portfolio

Convergence can thankfully be illustrated quite clearly. Thus, we see that Google Cloud presents an onion peel into which all of its security offerings have nested. For example, the core contains AI and Threat Intelligence, which (with Mandiant’s fieldwork, for example) continuously stays up-to-date with the threat landscape.

Source: Google Cloud

Beyond that are, first of all, Google Cloud’s SecOps platform, cloud risk management and frontline intelligence & expertise. The former unites SIEM, SOAR and attack surface management to take proactive action against threats. This now includes support from the AI-driven Gemini in Security Operations, which should save a lot of time in particular. Cloud risk management, in turn, goes beyond just Google Cloud, as it also seeks to protect multi-cloud environments. From threat intelligence, this has also proven to be a reality, as Mandiant showed by revealing vulnerabilities in Microsoft Azure Kubernetes Service.

Frontline intelligence & expertise focuses on red teaming and threat hunting to, again, remain proactive against cybercrime. When things do go wrong, this side of Google Cloud also provides incident response.

All of this is encapsulated by secure enterprise access, which provides hundreds of millions of devices with endpoint protection, data protection and zero trust access.

Refinements everywhere

Because Google Cloud is not putting out a brand new product, the announcements rest mostly on a host of updates and upgrades. Examples include expanded PAM capabilities, better interoperability with Microsoft cloud services like Entra ID and new confidential VM features.

The complete list of announcements is significant, but is obviously less high-profile than a new solution. Still, it may be a good indication if security systems themselves are especially good to grasp at the expense of a mediagenic product.

Also read: SentinelOne and Google Cloud continue to work together on autonomous security