Chronicle enhances security ops in Google Cloud

Updates related to Google Security Command Center, Amazon Inspector, Google Secure Web Proxy, Amazon Verified Permissions, AWS Lambda

NPW Research

Security

Chronicle enhances security ops in Google Cloud

  • Chronicle Security Operations integrates with Security Command Center Premium and Google Cloud telemetry.
  • Offers turnkey threat detection, investigation, and response (TDIR) through data collection and analysis.
  • Detects threats with high-fidelity alerts, supports investigation with visualized storylines, and automates responses.
  • Simplifies data ingestion from various Google Cloud services, and normalizes and contextualizes cloud telemetry.

Google Cloud adds attack path simulation

  • Security Command Center now includes attack path simulation, analyzing vulnerabilities in Google Cloud environments.
  • The feature uses near-real-time data to create high-risk attack paths without manual queries.
  • The service is fully automated and provides remediation advice based on findings.
  • An attack exposure score helps prioritize remediation, improving risk posture.

Security Command Center Premium bolsters identity protection

  • Google Cloud’s Security Command Center Premium enhances detection of compromised identities.
  • New detectors include excessive failed attempts, anomalous service account impersonation, and dormant service account activity.
  • Offers insights into risky IAM policy changes and behavior by principals.

Amazon S3 Introduces Dual-Layer Server-Side Encryption

  • Amazon S3 now offers dual-layer server-side encryption with keys stored in AWS Key Management Service (DSSE-KMS).
  • Compliant with National Security Agency CNSSP 15 for FIPS and Data-at-Rest Capability Package Version 5.0.
  • Supports querying and analyzing dual-encrypted data with AWS services like Athena and SageMaker.

Amazon Inspector Adds Software Bill of Materials Export

  • Amazon Inspector now offers Software Bill of Materials (SBOM) export in CycloneDX and SPDX formats.
  • Allows automated and centrally managed visibility into software supply chain and vulnerabilities.
  • Available at no additional cost across all commercial regions where Amazon Inspector is available.

Amazon Inspector Supports Lambda Function Code Scans

  • Amazon Inspector expands to scan custom application code in Lambda functions.
  • Identifies vulnerabilities like injection flaws, data leaks, and weak cryptography.
  • Generates detailed, actionable security findings routed to AWS Security Hub and Amazon EventBridge.

Secure Web Proxy enhances cloud security

General availability of Secure Web Proxy, a cloud-first network security offering that enables web egress traffic inspection, protection, and control for Zero Trust networking.

Google Cloud Firewall adds threat intelligence features

Introduces threat intelligence and geo-location capabilities, allowing curated threat lists and granular control based on geographic locations for enhanced cloud workload security.

Google Cloud submits OSCAL package

Google Cloud submitted an OSCAL package for DoD Impact Level 5; OSCAL is a machine-readable language for security control assessments developed by NIST.

Preview of Amazon CodeGuru Security

Uses machine learning for static application security testing, identifying vulnerabilities and providing in-context code patches.

Amazon Verified Permissions now GA

Fine-grained authorization, permissions management, high availability, scalability, integration with AWS CloudTrail.

AWS Security Hub adds automation rules

Automatically update, suppress findings, update severity, add notes, custom or template-based rules.

AWS Control Tower adds Security Hub controls

Adds 10 detective controls targeting various services, supports over 170 detective controls, proactive, preventive controls.

Provisioning + Runtime

Azure VMware Solution now supports stretched clusters

  • Stretched clusters for Azure VMware Solution provide 99.99% uptime.
  • Supports Customer-Managed Keys for vSAN encryption.
  • Ensures high availability for critical applications with a zero recovery point objective.
  • Resilient to AZ failures, integrated with Azure Key Vault.

Azure Front Door Migration to Standard/Premium Now Available

  • Azure Front Door Standard and Premium tiers, catering to dynamic/static content delivery and security, were made generally available in March 2022.
  • Migration from Azure Front Door (classic) to Standard or Premium is now possible with zero downtime.
  • Migration takes a few minutes and involves three to five steps depending on configurations.

Azure Cache for Redis triggers Azure Functions

Trigger Azure Functions with Azure Cache for Redis on data types, keyspace notifications, write-behind/write-through cache support.

Azure HX VMs for HPC now GA

HX-series VMs optimized for large memory HPC workloads; up to 176 AMD EPYC 9004-series CPU cores, 1.4TB RAM, 400Gb/s NDR InfiniBand.

Azure Virtual Desktop gets insights upgrade

Now includes Azure Monitor Agent; collects data from session hosts for native monitoring, introduces configuration workbook experience.

AWS Elastic Disaster Recovery updates

Replicates, recovers AWS network components, configurations, supports Trusted accounts, continuous data replication.

Observability

Azure PostgreSQL gets performance insights

Detailed insights into query performance, optimization for slow-running queries, user-friendly interface.

Azure Monitor Alert resources now visible

Alert resources in Azure portal, searchable, listed within subscriptions, resource groups, standard resource pane view.

AI/ML

Vertex AI general availability for generative AI support

  • Generative AI support in Vertex AI is now generally available, offering enhanced capabilities for building custom AI apps.
  • Access Google's text model powered by PaLM 2, Embeddings API for text, and more.
  • Tools available for model tuning and deployment, backed by enterprise-grade data governance, security, and safety.

App Building

Redis Extension for Azure Functions in Public Preview

  • Redis extension for Azure Functions is in public preview.
  • Enables Redis to trigger serverless workflows, beneficial for write-behind cache and event-based architectures.
  • Compatible with various Redis data types and notifications.

NPW Insights this week

  1. New York Life modernizes with cloud, cybersecurity
  2. Effective Test Automation Approaches for Modern CI/CD Pipelines
  3. ChatGPT bot streamlines code reviews