Google Cloud on Wednesday announced expanded security capabilities, for both Google Cloud Platform customers and for enterprises that aren't using GCP. With the beta release of Google's new Web Risk API, organizations can tap into Google's lists of unsafe web resources to help protect their own users on the web.
The Web Risk API helps an organization identify known bad sites, helps to warn users before they click bad links on an organization's site, and it helps prevent users from posting links to known malicious pages.
The API uses the same technology that powers the Google Safe Browsing protections that work across Google products. Google checks billions of URLs each day to maintain its lists of unsafe URLS, such as social engineering sites and and sites that host malware or unwated software.
Google on Wednesday also announced the general availability of two GCP security products: Cloud Armor a distributed denial of service (DDoS) defense and web application firewall (WAF) service, and Cloud HSM, a managed cloud-hosted hardware security module (HSM) service.
With Cloud Armor, first introduced a year ago, GCP customers get access to L3/L4 DDoS defense, as well as IP whitelisting and blacklisting tools, for applications or services behind the Cloud HTTP/S Load Balancer. The GA release includes a new Cloud Armor dashboard available in Stackdriver Monitoring. The new dashboard lets users preview the potential impact of proposed rules.
With Cloud HSM, customers can protect encryption keys and perform cryptographic operations in FIPS 140-2 Level 3 certified HSMs. It's a fully-managed service, eliminating the need for managing an HSM cluster. Cloud HSM has been available in several locations across the US, and Google said it is now extending it to multiple locations in Europe.