Google Cloud Security

We're one week away from the Google x TENEX.AI Security Summit at the Google Toronto Office! 🛡️ Security is about moving fast without breaking your defense. If you’re building or scaling a security program, this is where you need to be next week. Why join us? 🔹 Direct Access: Engage with Google Cloud and Tenex security experts. 🔹 Founder-to-Founder Insights: Learn how other high-growth organizations are navigating the modern threat landscape. 🔹 Actionable Strategy: From AI security to cloud hardening, get the blueprints you need to stay resilient. 🗓️: April 9, 2026 | 12 - 5 pm 📍: Google Toronto Office 🔗 Register now to secure your spot: https://bit.ly/4sHxsMJ

AI took center stage at #RSAC 2026, but not all AI is created equally! Fresh off an exciting week, Anton Chuvakin and Timothy Peacock break down what they saw across the AI landscape — from emerging trends to where vendors take to AI and security, telling an “AI Washer” from “AI Tourist”, and more. 🎧 Tune into the latest episode of the Cloud Security Podcast by Google: https://bit.ly/4bKdk6V

During threat hunts and investigations in Google SecOps, reducing your data set with an inner join is standard practice. But sometimes, security teams need a more holistic view of their environment. Enter outer joins. While inner joins require matching values on both datasets to return data, left and right outer joins allow you to retrieve all events on one side of the join, plus any intersecting data from the other side. This is highly effective when you need a full list of events for context, but want to flag specific entities—such as returning all network connection events while identifying exactly which of those connections match a TOR Exit Node or a Mandiant Fusion IOC in the entity graph. Read more in this blog post by John Stoner and learn how to build these joins for hunts and investigations in Google SecOps: https://bit.ly/411AOhE

✅ Google Security at #RSAC was a success! Throughout the conference, our experts shared insights on AI implementation, evolving threats, and the tools and strategies security teams can use to stay ahead. ⬇️ Here are a few standout takeaways. 📄 Check out the news from Google Security at RSA Conference: https://bit.ly/3PSnWYG

Expose the underground with Google Threat Intelligence! 🕵️♂️ Scale your visibility into forums, markets, and chat platforms to hunt for leaks and exploits before they hit. 🛡️ Check the guide: https://goo.gle/4c0aw4l API documentation: https://goo.gle/4cdUwNk #GoogleTIMondays #ThreatIntel #CyberSecurity #Darkweb

The window to patch critical vulnerabilities has shrunk from weeks to just days. With attackers operationalizing AI to identify and exploit unpatched systems faster than ever, security leaders have little room for delay. To help leadership teams stay ahead of this evolving landscape, Google Cloud's Office of the CISO has launched the second iteration of our Board Edition: Cloud Threat Horizons Report H1 2026. Designed as a concise companion to our full-length report, this edition is built specifically to equip your board and C-suite for critical business risk discussions. From targeted, relevant questions Directors can use to assess the efficacy of their current program to useful, bottom-line data points which can help drive discussions-- this report is a must-read for any organization concerned about the increased threat potential of AI. Read the report to stay ahead of emerging risks and make more informed, strategic decisions: https://lnkd.in/evqEvgmj

Didn’t make it to San Francisco? 🌉 Sandra Joyce, VP, Google Threat Intelligence, Google Cloud, took the stage at #RSAC to discuss how adversary tactics are evolving, and how AI is accelerating attacks. Sandra spotlighted Google’s active defense approach: combining legal action, public disclosure, technical takedowns, and product hardening to disrupt threat actors at scale. The message is clear: disruption can’t be optional. By collaborating across law enforcement, tech providers, and frontline defenders, we can shift the economics of adversary operations and stay ahead of increasingly sophisticated AI-powered threats. Watch the full video: https://bit.ly/4rXRjWQ Video courtesy of RSAC™ Conference

📊 500,000 hours of incident response data, distilled into one hour. At #RSAC, Omar ElAhdan, Matthew Nichols, John Palmisano, and Ethan Izenwasser covered myriad critical stats from this year’s M-Trends report, breaking down what they reveal about today’s threat landscape and what security teams should be preparing for next. 📋 Dive into key findings: https://bit.ly/4m51szN

Securing Google SecOps automations, such as Detection as Code or scripts leveraging the Chronicle API, often introduces the "Secret Zero" problem. Authenticating CI/CD pipelines from third-party tools like GitHub or GitLab using long-lived Service Account JSON keys creates significant governance and security risks. These keys do not expire, are difficult to rotate, and provide persistent platform access if leaked. We are detailing a modern solution: Workload Identity Federation (WIF) for Google SecOps. This approach replaces risky static keys with a secure, keyless authentication mechanism for your Google SecOps API interactions. By implementing WIF and adopting it within the secops-toolkit open-source pipelines, security teams can: - Eliminate Secret Zero: Stop generating and storing long-lived service account keys in third-party tools. - Enforce Least Privilege: Restrict programmatic access using Attribute Conditions, such as limiting deployments exclusively to your main branch. - Ensure Short-Lived Access: Leverage ephemeral credentials that expire automatically, drastically reducing the blast radius of a potential leak. - Integrate Seamlessly: Connect GitHub Actions directly to the Google SecOps API via native Google Cloud federation. Our definitive guide covers exactly how to harden your security automation pipelines, complete with the necessary gcloud commands, GitHub workflow examples, and end-to-end implementation steps. Read more about it in the blog post by Simone Bruzzechesse: https://bit.ly/4tbK4f6

That’s a wrap on another amazing #RSAC for Google Security 🎊 Thank you to the speakers, attendees, and teams who made these conversations possible. Feeling nostalgic already? Explore the key announcements and insights from Google Security: https://bit.ly/4sArRaZ