Google Cloud Unveils New Cloud Analytics Project for Improved Threat Detection
The Cloud Analytics project is a community-driven security analytics resource.
August 1, 2022
Google Cloud on Monday announced the Cloud Analytics project by the MITRE Engenuity Center for Threat-Informed Defense. Google Cloud and several other industry collaborators are sponsoring it.
Since 2021, Google Cloud has partnered with the center to develop open-source security analytics. Earlier this year, it introduced Community Security Analytics (CSA) in collaboration with the center. CSA provides pre-built and customizable queries to help detect threats in workloads and to audit cloud usage. The Cloud Analytics project is designed to complement CSA.
The Cloud Analytics project includes a set of detection analytics for key tactics, techniques and procedures (TTPs), along with their adversary emulation plans implemented with the Caldera framework.
Both CSA and the Cloud Analytics project are community-driven security analytics resources.
Similar to CSA, Cloud Analytics can help lower the barrier for threat hunters and detection engineers to create cloud-specific security analytics.
Security analytics is complex because it requires knowledge of diverse security signals from different cloud providers along with their specific schemas. In addition, it requires familiarity with adversary behaviors in cloud environments.
Roy Arsan is cloud solutions architect at Google.
“Together, CSA and Cloud Analytics can help you maximize your coverage of the MITRE ATT&CK framework, while giving you the choice of detection language and analytics engine to use,” he said. “The Cloud Analytics project aims to make cloud-based threat detection development easier while also consolidating collective findings from real-world deployments. In order to scale the development of high-quality threat detections with minimum false positives, CSA and Cloud Analytics promote an agile development approach for building these analytics, where rules are expected to be continuously tuned and evaluated.”