The security world keeps changing, with new tools and new threats in the ever-evolving arms race that is cybersecurity. To keep you up to speed on all that Google Cloud is doing to help safeguard your data and your applications, welcome to the first installment of the Security Roundup. In this regular series, I’ll be sharing a selection of news and guidance to help ensure you have the resources you need for your hectic, high-stakes harm-preventing job. 

Applying the principle of least privilege to GKE clusters 

Access to your GKE clusters – just like any other resource – should be based on the principle of least privilege. Use groups, individual roles, and Identity and Access Management tools to limit who can do what with your Kubernetes clusters in Google Cloud. These principles can help you control who uses which elements of the Kubernetes API as well as how they access your clusters. More details are in Anthony Bushong’s video.

In this episode of GKE Essentials, Anthony Bushong covers some best practices for securing access to your GKE cluster. From the principle of least privilege to defining cluster access, watch to learn how you can leverage the GKE API and Kubernetes Control Plane to secure access and ensure that users only have the access they need, and nothing more!
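As an added illustration (not code from this post or the video), the following sketch audits Kubernetes RBAC bindings for common least-privilege problems. The finding rules are assumed policy choices, and every binding, role, and group name in the sample data is constructed.

```python
# Added example: flag Kubernetes RBAC bindings that break least privilege.
# Dicts mirror the RBAC API object shape; every name below is constructed.
BROAD_ROLES = {"cluster-admin", "admin", "edit"}   # built-in default ClusterRoles
CATCH_ALL = {"system:authenticated", "system:unauthenticated"}

def audit(bindings, roles):
    """Return sorted (binding name, finding code) pairs."""
    findings = set()
    for b in bindings:
        name, ref = b["metadata"]["name"], b["roleRef"]["name"]
        for s in b.get("subjects", []):
            if s["kind"] == "User":                 # assumed policy: grant via groups
                findings.add((name, "individual-user"))
            elif s["kind"] == "Group" and s["name"] in CATCH_ALL:
                findings.add((name, "catch-all-group"))
        # A broad built-in role bound cluster-wide applies in every namespace.
        if b["kind"] == "ClusterRoleBinding" and ref in BROAD_ROLES:
            findings.add((name, "broad-cluster-role"))
        # Wildcard verbs or resources silently cover API types added later.
        for rule in roles.get(ref, {}).get("rules", []):
            if "*" in rule.get("verbs", []) or "*" in rule.get("resources", []):
                findings.add((name, "wildcard-rule"))
    return sorted(findings)

# Constructed sample input: custom roles keyed by name, then three bindings.
ROLES = {
    "deploy-reader": {"rules": [{"apiGroups": ["apps"],
                                 "resources": ["deployments"],
                                 "verbs": ["get", "list", "watch"]}]},
    "ci-all": {"rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
}
BINDINGS = [
    {"kind": "ClusterRoleBinding", "metadata": {"name": "alice-admin"},
     "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "User", "name": "alice@example.com"}]},
    {"kind": "RoleBinding", "metadata": {"name": "payments-devs", "namespace": "payments"},
     "roleRef": {"kind": "Role", "name": "deploy-reader"},
     "subjects": [{"kind": "Group", "name": "payments-devs@example.com"}]},
    {"kind": "RoleBinding", "metadata": {"name": "ci-anything", "namespace": "payments"},
     "roleRef": {"kind": "Role", "name": "ci-all"},
     "subjects": [{"kind": "ServiceAccount", "name": "ci", "namespace": "payments"}]},
]

if __name__ == "__main__":
    for name, code in audit(BINDINGS, ROLES):
        print(f"{name}: {code}")
```

The namespaced, read-only role bound to a group produces no findings; the other two bindings are reported.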

Ensuring CI/CD pipeline security

To make sure only trusted code artifacts enter your continuous integration and deployment pipeline, you can take advantage of Binary Authorization on Google Cloud, and then only permit signed builds to go through. Learn more in Martin Omander’s video interview and walkthrough with Xiaowen Lin.

Want to know how you can protect your system? This complex problem has some simple solutions, and in this episode of Serverless Expeditions Extended, we’ll show you how Google Cloud is a thought leader in software supply chain security. Watch to learn how developers use Binary Authorization in Cloud Run so only approved builds get deployed!

Protecting against denial of service and flooding attacks

Once your applications are on the web, they become potential targets for attack. You can use Cloud Armor to protect against many types of traffic attacks, including distributed denial-of-service (DDoS), HTTP POST flood attacks, and more. After learning the normal traffic patterns of your apps, Cloud Armor monitors for anomalies and then generates alerts or intervenes on your behalf to block malicious traffic. Learn more with Arman Rye in this video.

Recently, there has been an increase in DDoS attacks against organizations, causing major financial losses, drops in production, and security threats. Mitigating DDoS attacks as well as other types of online attacks against your organization is of paramount importance. Join Arman Rye, a Networking Specialist at Google Cloud, as he discusses Cloud Armor Adaptive Protection and how it helps you protect your Google Cloud applications, websites, and services against L7 DDoS attacks.

Defending against cyberattacks with Palo Alto Networks

If you use Palo Alto Networks products for endpoint protection or network monitoring, now you can integrate the signals from those systems into Google Cloud security tools. You can ingest device health conclusions from Palo Alto Networks Cortex XDR to boost your visibility into those endpoints’ state and improve your trust decisions. BeyondCorp Enterprise users can incorporate Cortex XDR metadata into access policies, leveraging additional posture information to add another level of trusted device information and operate with more confidence. Check out the details in this interview with Mason Yan at Palo Alto Networks.

How can you protect your company from cyberattacks and security risks? In this episode of Architecting with Google Cloud, Developer Relations Engineer Max Saltonstall interviews Mason Yan, the Director of Public Cloud Technical Engagement at Palo Alto Networks, about the ever-evolving process of security in the Cloud. Watch to learn how to avoid breaches and what to do when things go wrong.

Dealing with Apache Log4j 2 vulnerability(ies)

The Apache Log4j 2 vulnerability, if exploited, makes it possible for attackers to execute arbitrary code on a vulnerable server. Read this post by the Google Cybersecurity Action Team for more details on the Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046) and how you can find out if you’re affected. It includes advice on how to use Google Cloud products like Binary Authorization rules and Security Command Center to keep your cloud deployments safe.

Good luck out there, and remember: Keep your data yours!
