Google has launched new supply chain security offerings | Techno Glob

Google is trying to plug software supply chains and open source security vulnerabilities with two new initiatives.

Software Delivery Shield (SDS) and Assured Open Source Software (OSS) are just two of several offerings launched Tuesday during the Google Cloud Next ’22 conference to address the most current threats to supply chain security. Some of these products will include incident response and exposure management capabilities from Google’s acquisition of Mandiant, which became official last month.

Google Cloud held a virtual press conference last week with Phil Venables, CISO of Google Cloud; Sunil Potti, Vice President and General Manager of Google Cloud; and Kevin Mandia, CEO of Mandiant, to provide an acquisition update and discuss which enterprises the products address.

A key concern discussed during the event was supply chain security — particularly open source software that may contain hidden and unpatched vulnerabilities or malicious code.

“Open source is one of the weakest links in the enterprise,” Potti said at the press conference.

He added that Google Cloud’s Assured OSS service, which was introduced in May and is currently in preview mode, is a “game changer”. In a blog post announcing the products, Google Cloud said open source software “now helps power nearly all of our public infrastructure and is highly prevalent in most proprietary software.”

One of the main problems with open source software, as demonstrated by the recent rediscovery of a 15-year-old Python vulnerability, is the lack of support and maintenance. Google’s Assured OSS will scan, analyze and fuzz-test for vulnerabilities so that companies can deploy tested packages.

“From what we know, this is a first-to-market offering,” Potti said. “It starts with a healthy set of Java and Python that we compare with notes on top customer needs. We expect the package list to go from hundreds to thousands very quickly.”

Assured OSS is part of SDS, a set of tools intended to help companies build secure cloud applications and cover concerns along the software supply chain. Google said SDS is designed to improve security in five key areas of the software supply chain: application development, software supply, continuous integration/continuous delivery, production environment and policies.

Supply chain security has become a topic since Log4Shell — a vulnerability in the Apache framework for Java — was exploited in attacks against a large number of organizations since December 2021, Potti said.

Threats to supply chains are exacerbated by nation-state actors taking advantage of unpatched flaws and zero-day vulnerabilities, such as the proxylogon vulnerability found in Microsoft Exchange Server.

“Nation-state actors are increasingly spending more time not just on governments, but on industries of all sizes,” he said. “Big Banks to Small Credit Unions.”

Potti said that SDS combines earlier initiatives such as OPenn Source Security FoundationCo-founded by Google, the end-to-end framework for software artifacts created in 2021 is called Supply Chain Levels.

Google Chronicle, Mandiant updates

Chronicle Security Operations is another new initiative launched during Google Cloud Next that complements previous products. Chronicle, an independent cybersecurity company, was launched under Google Cloud Platform to help enterprises pull and analyze large amounts of data with services like VirusTotal and BackStory.

Now, Google says, with increasingly sophisticated threat actors, the data is getting deeper than ever.

The new security operations software suite is designed to help companies investigate and detect cloud threats, especially with the new challenges present in hybrid work environments. It combines Chronicle’s SIEM technology with security orchestration, automation and response tools from Google Cloud’s acquisition of SOAR startup Siemplify in January. Additional incident and exposure management capabilities from the recent Mandiant acquisition will be added to Chronicle Security Operations in the future.

Google agreed to acquire Mandiant in March and completed the deal in September. During the press conference, Mandia said that the incident response vendor will draw from Google Cloud’s insights and reach customers.

“We couldn’t predict how attackers are evading common security today. Joining forces with Google because of Google Cloud makes a lot of sense,” he said. “This allows for an increase in our knowledge and an increase in our ability to stop the most current attacks that organizations face.”

Google will help Mandiant add automation capabilities, which Mandiant said “everybody wants.” He praised Google’s analytics and AI prowess and said the capabilities would add to Mandiant’s security operations. Importantly, he emphasized how it would help in defense techniques against new threats and novel attacks.

“Every board or CEO wants to know, ‘How good are we?'” Mandia said. “The best way to get an answer is to test it.”

Source link