MITRE ATT&CK integration and baked-in DDoS prevention are now available in Google Cloud. Credit: Google / Thinkstock Google has announced that Google Cloud users will have access to two new security features, namely native integration with the MITRE ATT&CK threat classification and response framework and baked-in protection against DDoS attacks.Cloud Armor is Google’s brand name for its DDoS mitigation and web application firewall service. It replicates many of the techniques used in traditionally structured DDoS protection systems, including per-client rate limiting, captchas to help weed out bot requests, and machine learning to counteract Layer 7 attacks. MITRE inclusion allows users to map Google Cloud’s built-in security controls onto the MITRE ATT&CK rubric of threat classification and response planning, letting users automate certain types of security response.Tuesday’s announcements amount to Google catching up to its competitors in terms of the security of its public cloud, according to experts, as well as appropriating some features of dedicated third-party security products into the company’s own platform. DDoS protection features like the ones introduced this week have been around for a long time—including at Google, which has long used it to protect its own computing resources. Forrester Research principal analyst Lee Sustar said that Tuesday’s additions still don’t fully obviate the need for additional security products for many public cloud users. “The question is whether the built-in cloud-service provider security tools are sufficient or not, and need to be augmented,” Sustar said. “Certainly, the cloud providers’ security provisions have improved in recent years, but you still generally need to add additional tools.”MITRE is key to enterprise securityBoth Sustar and Gartner vice president and analyst Patrick Hevesi stressed that the MITRE integration is an important step forward for Google Cloud, given its importance to the daily practice of security at larger organizations. “This is one of the biggest tools that helps vendors and security operations teams map … these indicators of compromise happening, what is the attack, and what does my response need to be,” Hevesi said. “We see this as a big trend, [and] it looks like they’re also sharing their research and contributing to the [MITRE] framework, which is a great way for vendors and sec ops teams to share research.”According to Hevesi, the new security features are unlikely to lure many new customers to Google Cloud on their own, but they should prove popular with existing users, including the education sector and any organization that’s already using Google Workspace.“I don’t think that this is something that’s going to make someone move,” he said. Related content news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security news Iranian hackers harvest credentials through advanced social engineering campaigns Mandiant observed several malicious campaigns with threat actors impersonating journalists and harvesting the victim’s cloud environment credentials. By Shweta Sharma May 02, 2024 4 mins Hacker Groups Social Engineering PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe