Google Cloud is making available to customers some of its own open-source security code that it says has already been tested and proven effective against cyberattacks.
The Mountain View, Calif.-based tech giant made clear its release of new open-source security code is part of Google’s pledge last summer to spend $10 billion to improve cybersecurity across the Internet.
Sunil Potti, vice president and general manager of Google Cloud, said that open-source software has become a primary target for cybercriminals, with a recent 650 percent surge in open-source software supply-chain attacks across the world.
As a result, Google Cloud is now making available security software it originally developed for its own internal use – and software that’s been thoroughly tested, vetted and used by Google, said Potti.“We have to find a way to get ahead of the threats,” Potti recently told reporters, noting tech companies across the globe are coming under increased regulatory pressure to help shore up cybersecurity on the internet. “It’s this perfect storm (that) requires us to step up our game.”
In a blog post today and at a separate press briefing, Google Cloud officials unveiled various initiatives it hopes will improve security for cloud and non-cloud customers in general. The announcements coincide with today’s Google Cloud Security Summit.
The main initiative, called Assured Open Source, makes available an array of open-source security codes curated by Google and aimed at helping both big and small companies interested in beefing up their security.
Another initiative, called Security Foundation Solution, is a package of Google Cloud-recommended products and security capabilities developed and tested by Google.
The other initiatives offer customers an “on ramp” to start implementing Zero Trust security and other measures to combat cyberattacks.
“We are basically sharing our security magic,” said Rob Sadowski, a trust and security marketing lead at Google Cloud, referring to Google’s release of new open-source security codes for customers.
As a result of Google’s testing and vetting process for its own codes, Sadowski said in an interview with CRN that customers will “know they’re getting trusted code from a trusted (source).”
As for the channel, Sadowski said the main beneficiaries will be resellers of Google security products.
“For resellers, it makes the products they’re (offering) more attractive,” he said, adding resellers can tout the open-source items as being faster and more effective than other open-source codes.
In his blog post entitled, “Charting a safer future with Google Cloud,” Potti said securing the software supply chain in general has been frustrating.
“Patching security vulnerabilities in open-source software often feels like a high-stakes game
of whack-a-mole: fix one, and two more pop up,” he wrote.
Google Cloud’s newly released open-source software will allow both private and public sector organizations to “easily incorporate the same
Open-source software packages that Google uses into their own developer workflows,” Potti wrote.