3 min Security

Google Cloud integrates Mandiant technology for stronger security

Google Cloud integrates Mandiant technology for stronger security

Google Cloud is integrating more technology from its subsidiary, Mandiant, to make its platform more secure. It also introduces a solution for safer enterprise collaboration through threat intelligence sharing and an update to the Google Defender Advantage framework.

Google Cloud has greatly expanded its security options. First, the Mandiant Managed Defense for Google Security Operations service is now generally available. The service combines Mandiant’s threat hunting and incident investigation expertise with Google Cloud’s built-in Security Operations platform. It gives users access to real-time threat detection and capabilities to address them immediately. The Mandiant Managed Defense solution provides automated threat identification and risk analysis, leading to faster incident investigation and resolution.

Google Cloud Security Operations coverage is constantly updated with insights from Mandiant’s threat research, so customers are always protected against the latest cyber threats. This allows security teams to focus more on strategic activities rather than constantly investigating alerts and resolving incidents.

In addition, the solution is vendor-agnostic and supports various EDR and XDR technologies that customers may already be using. Support for Corelight Open NDR is now widely available, and support for Palo Alto Next-Generation Firewall is in development.

Enterprise security collaboration

A second security addition for Google Cloud is the introduction of Private Collection Sharing for Google Threat Intelligence. This service focuses on improving secure enterprise collaboration.

With this solution, companies can share important threat intelligence, such as indicators of a possible attack, tactics, techniques, procedures, or strategic insights with colleagues and partners. In this way, companies can establish long-term collaborations to fight cyber threats.

Defender Advantage framework update

The third and final announcement from Google Cloud concerns the presentation of the second version of the Google Defender Advantage framework. This framework helps companies optimize their cyber protection based on their internal knowledge.

The framework provides a structured approach to security, focusing on how intelligence drives key security functionalities such as detection, response, validation, threat hunting, and monitoring.

The updated version now offers users practical guidance on identifying redundancy, security vulnerabilities, and opportunities to improve their security posture. The framework also leverages companies’ internal knowledge of their systems, which can provide a tactical advantage against external hackers.

In addition, the new version of the Google Defender Advantage framework provides companies with insights on gathering intelligence effectively, allowing security teams to be more proactive and prepared for threats.

The new version of the Google Defender Advantage framework is now available for download.

Also read: Google Cloud aims for converged security approach