
Why (And How) Google Cloud Is Adding Attack Path Simulation To Security Command Center

  • aster_cloud
  • March 31, 2023
  • 3 minute read

As cloud environments scale and evolve based on changing business priorities, security teams may struggle to understand where their biggest risks are and where to focus their security controls. Some cloud security products have begun to incorporate attack path analysis to address this prioritization problem. Attack path analysis is a technique for discovering possible pathways that adversaries can take to access and compromise IT assets.

A common approach to implementing attack path analysis is to produce a graph of all assets and then query that graph to discover possible exploit paths. While this may produce impressive-looking graphs, it requires the management of large query sets, and it often fails to help teams set the right priorities.



To address this shortcoming of current solutions, we are taking a more intelligent approach in Security Command Center (SCC), our security and risk management solution that is built into Google Cloud. We are adding an advanced simulation engine to attack path analysis that will identify assets that are most vulnerable to attack, which can help defenders know where to apply the right security controls to better protect their cloud environment.

Attack path simulation

Adding automated simulation to attack path analysis enables Security Command Center to model how real-world adversaries could potentially attack cloud resources. Our simulation engine will analyze all assets in a Google Cloud environment, the relationships between these assets, the current state of defenses, and potential security issues, including misconfigurations and vulnerabilities. It will then mimic how an attacker could navigate the environment to gain unauthorized access to high value assets.


Our attack path simulation technology comes from Foreseeti, a Swedish risk analytics company acquired by Google in 2022. Foreseeti was founded by university researchers and scientists who were inspired by large-scale simulations in other industries, including automobile crash tests and the structural analysis of bridges, and sought to apply their research and techniques to improve cybersecurity.

How it works

Attack path simulation will be driven from an external attacker’s perspective. The simulation engine employs multiple attack methods, across all known paths to valued assets, with the goal of reaching and compromising the asset. It will consider obvious exposure points, such as open firewall ports and public IP addresses, but will also take less obvious factors into account.

For example, the simulation engine will be able to compute scenario-based risk assessments, such as what happens if a user gets phished and also has an over-privileged account; or if an attacker exploits a vulnerability in an operating system, which they can subsequently leverage to abuse a default service account.

In building the simulation model, we understood that it could potentially yield too many possible attack paths to be useful to security teams. So we configured it to identify the specific attack paths leading to the highest value resources that could be compromised with the least resistance. By factoring in the value of cloud assets (such as databases containing customer information), along with the level of effort and skill required by an attacker to reach the asset, simulation results should reveal the most critical attack paths and the resources most exposed to attackers.
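The prioritization idea above, as an added sketch (not Security Command Center's or Foreseeti's engine): find the least-effort path from an external attacker to each valued asset, then rank assets by value against that effort. The asset names, effort weights, values and the scoring formula `value / (1 + effort)` are all assumptions constructed for illustration.

```python
import heapq

# Constructed sample edges (not SCC data): (source, target, attacker_effort).
EDGES = [
    ("internet", "vm-web", 2),          # public IP with open firewall port
    ("internet", "user-alice", 3),      # user gets phished
    ("vm-web", "default-sa", 1),        # OS vulnerability exposes default service account
    ("user-alice", "customer-db", 1),   # over-privileged account
    ("default-sa", "customer-db", 4),
    ("default-sa", "logs-bucket", 1),
    ("vm-web", "build-cache", 6),
]
# Business value assigned by the defender (assumed scale 1-10).
ASSET_VALUE = {"customer-db": 10, "logs-bucket": 3, "build-cache": 1}


def least_effort_paths(edges, start="internet"):
    """Dijkstra: cheapest total attacker effort from start to every node."""
    graph = {}
    for src, dst, effort in edges:
        graph.setdefault(src, []).append((dst, effort))
    best = {start: (0, [start])}
    queue = [(0, start, [start])]
    while queue:
        cost, node, path = heapq.heappop(queue)
        if cost > best[node][0]:
            continue  # stale queue entry
        for nxt, effort in graph.get(node, []):
            new_cost = cost + effort
            if nxt not in best or new_cost < best[nxt][0]:
                best[nxt] = (new_cost, path + [nxt])
                heapq.heappush(queue, (new_cost, nxt, path + [nxt]))
    return best


def rank_exposed_assets(edges, asset_value, start="internet"):
    """Rank valued assets by exposure = value / (1 + least effort)."""
    paths = least_effort_paths(edges, start)
    ranked = []
    for asset, value in asset_value.items():
        if asset in paths:  # unreachable assets carry no path risk here
            effort, path = paths[asset]
            ranked.append((round(value / (1 + effort), 2), asset, effort, path))
    return sorted(ranked, reverse=True)


def without_edge(edges, src, dst):
    """Model a control that removes one attack step (e.g. tightening IAM)."""
    return [e for e in edges if (e[0], e[1]) != (src, dst)]
```

Re-running `rank_exposed_assets` on `without_edge(EDGES, "user-alice", "customer-db")` shows how a single control raises the effort to reach the database and lowers its exposure score, which is the kind of before/after comparison a defender uses to decide where a control pays off most.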


To make day-to-day operations less taxing for security teams, we designed attack simulations to run automatically over time rather than require an engineer to manually invoke them every time there is a change to the environment. Additionally, the attack path simulation model will directly access information about the Google Cloud environment, including detailed asset information, comprehensive security data, and rapid support for new services — helping ensure that simulation results accurately reflect the most current state of the environment.

Who benefits from attack path simulation?

Attack path simulation can put vital information at the fingertips of security professionals and engineers, including:

  • Security Operations Center (SOC) and vulnerability management teams can get more actionable information on their cloud security findings, which can lead to better prioritization of the risks leading to the likeliest attack exposures.
  • The Chief Information Security Officer (CISO) can better track and manage risks in their Google Cloud environment over time, and compare progress across projects and teams.
  • DevOps teams can design more secure environments and scale faster, better leveraging risk insights to mitigate exposures earlier in the development lifecycle.

How to get attack path simulation for your Google Cloud environment

We’ll have more details on the integration of this groundbreaking technology into Security Command Center and its availability for customers soon.

To learn more about how to secure your Google Cloud environment with Security Command Center, please visit: https://cloud.google.com/security-command-center

By: Vikram Makhija (Senior Director, Engineering, Google Cloud) and Robert Lagerström (Senior Staff Software Engineer, Google Cloud)
Originally published at Google Cloud Blog

Source: Cyberpogo

