Google Cloud improves threat detection with cloud-native network security offering

Google Cloud today announced new threat detection capabilities with the general availability launch of Cloud IDS, a cloud-native network security offering that aims to provide easier deployment and use than existing options.

An IDS, or Intrusion Detection System, allows customers to detect network-based threats while meeting regulatory compliance requirements.

Migrating workloads to cloud environments does not relieve customers of their network security obligations. Instead, customers need to secure their software-defined cloud networks, which are highly dynamic and present unique challenges for security professionals.

A recent survey of cloud engineering professionals found that 36% of organizations experienced a serious cloud security data leak or breach in the past 12 months. And 64% said they expect the problem to get worse or stay the same over the next year, according to Fugue and Sonatype’s report.

Cloud Security Challenge

To meet their cloud network security needs, security teams often create their own cloud network threat detection solutions, using open source or third-party components, Google Cloud said in a blog post. “These bespoke solutions can be difficult and expensive to operate, and they often lack the scalability needed to protect dynamic cloud applications,” the company said in the post.

Cloud IDS aims to relieve security teams of the need to spend time designing and operating their own cloud network threat detection. The offering gives customers visibility into both “north-south” traffic entering their cloud environment and “east-west” traffic occurring between workloads, Google Cloud said.

Cloud IDS provides protections against malware and spyware, command-and-control attacks and other vulnerabilities, including illegal code execution and buffer overflow, the company said.

Simplified deployment and use

Google Cloud said Cloud IDS – which was developed using threat detection capabilities provided by Palo Alto Networks – offers a number of deployment, usage and management benefits.

The solution can be deployed in “a few clicks” and can be “easily” managed through a user interface, command-line interface or APIs, Google Cloud said in an email to VentureBeat.

Cloud IDS also stands out because there is no need to design for high performance and availability – which is already built in with auto-scaling that dynamically adjusts based on traffic, the company said.

Crucially, there’s also no need to create your own attack signatures, Google Cloud said. Because Cloud IDS is an “end-to-end” cloud-native solution built with technology from Palo Alto Networks, customers can immediately take advantage of an “extensive” catalog of attack signatures and detection mechanisms for known attacks, as well as anomaly detection for unknown attacks, the company said. Detection signatures are also automatically updated daily, the company said.

Platform integrations

Cloud IDS was originally unveiled in July, and the integrations promised in that initial announcement are now available. The offering is integrated with five platforms from other vendors: Splunk Cloud Platform, Splunk Enterprise Platform, Exabeam Advanced Analytics, The Devo Platform, and Palo Alto Networks Cortex XSOAR.

Additionally, Cloud IDS is integrated with Google Chronicle, the company’s security analytics platform, to investigate threats discovered by Cloud IDS. Google Cloud plans to launch additional integrations in 2022 but did not provide details.

The company said the pricing for the offering is based on hourly charges for the Cloud IDS endpoint as well as the amount of traffic that ends up being inspected.

In terms of target users, Cloud IDS can help customers who are migrating from an on-premises environment to the cloud and who have deployed an on-premises IDS solution, according to Google Cloud. It’s also ideal for customers who need to comply with standards like HIPAA, PCI and ISO, the company said.

Customers using Cloud IDS already include Avaya, Lytics, and Meditech.

Ultimately, Cloud IDS provides “high levels of security effectiveness that allow you to detect malicious activity with few false positives,” Google Cloud said in its blog post.

Kevin M. Risinger