Google's cloud platform will now scan developers' applications for common security vulnerabilities.
The search giant said Thursday the new security bug checker, dubbed the Google Cloud Security Scanner, will detect two common flaws, including cross-site scripting (XSS) issues, and mixed content.
Using Google's Compute Engine, the scanner will "create a botnet of hundreds of virtual Chrome workers to scan your site," said Rob Mann, Google security engineering manager, in a blog post.
In another test for cross-site scripting, which allows hackers to inject potentially malicious code into a hosted web app, Google will "attack" the site (albeit safely and in a controlled way) with a benign payload to determine if a web app is vulnerable.
The service, currently in beta, is part of Google's effort to double-down on security matters in the past few weeks and months. But, the company has faced controversy and anger at some of its decisions.
The company's Project Zero, a division that discovers security vulnerabilities in common software and web-based services, disclosed a number of bugs in recent weeks. Microsoft did not take too kindly to it the first time around, but Google did it again -- disclosing yet another bug that it claimed the software giant had stalled on fixing. That said, the two companies have seen common ground on an effort to tackle false antivirus flags, which Google said is a "headache" for both users and app developers.
But the search giant also took a hit after it said it would not patch a critical security bug in older Android versions, which make up more than 60 percent of the Android ecosystem.