Google Cloud security products help organizations secure their cloud environment, protect their data, and comply with industry regulations.

Explore Security in Google Cloud

Read documentation and Cloud Architecture Center articles about security products and procedures.

Google Cloud security overview

Learn the physical, administrative, and technical controls we use to help protect your organization's data.

Authentication methods

Learn the key authentication methods and concepts to confirm a user's identity.

Plan security, privacy, and compliance

Plan how to architect secure services on Google Cloud.open_in_new

Infrastructure security design

Learn how security is designed into Google's technical infrastructure.

Revoke access to a project

Remove a user's access to a Google Cloud project.

Default encryption at rest

Learn how all customer content at rest is encrypted without any action required by your organization.

Default encryption in transit

Learn about security measures to help ensure the authenticity, integrity, and privacy of data in transit.

Enterprise foundations blueprint

Plan how to deploy a foundational set of resources in Google Cloud using best practices.open_in_new

Training, blog articles, and more

Go to training courses, blog articles, and other related resources.

Security engineer learning path

Study how to develop, implement, and monitor your organization's security infrastructure.open_in_new

Cloud Security Podcast

Listen to industry experts talk about some of the most interesting areas of cloud security.open_in_new

Cloud Security Blog

Read the latest blog posts about Google Cloud security benefits and customer stories.open_in_new

Google SIEM and SOAR learning path

Study how to use SIEM and SOAR tools to parse data, build rules, develop playbooks, and respond to incidents.open_in_new

DevSecOps learning path

Study how to develop, implement, and monitor your organization’s security infrastructure.open_in_new

Security products by use case

Expand sections or use the filter to find products and guides for typical use cases.

Data security

Handle key management for secrets, disks, images, and log retention.

API Keys API

Use key management for secrets, disks, images, and log retention.

Data Catalog

Discover and understand your data using a fully managed and scalable data discovery and metadata management service.

Cloud External Key Manager

Control the location and distribution of your externally-managed keys.

Cloud HSM

Protect cryptographic keys with a fully managed hardware security module service.

Cloud Key Management Service

Manage encryption keys on Google Cloud.

Confidential Computing

Protect data in-use with Confidential VMs, Confidential GKE, Confidential Dataflow, Confidential Dataproc, and Confidential Space.

Sensitive Data Protection

Discover and redact sensitive data.

Secret Manager

Store API keys, passwords, certificates, and other sensitive data.

Network security

Centrally manage network resources, establish scalable segmentation for different security zones, and detect network threats.

Chrome Enterprise Premium

Use a zero-trust solution that enables secure access with integrated threat and data protection.

Cloud Firewall

Implement advanced protection capabilities and pervasive coverage to protect your Google Cloud workloads from internal and external attacks.

Cloud Armor

Help protect your services against DoS and web attacks.

Cloud Interconnect

Connect your infrastructure to Google Cloud on your terms, from anywhere.

Cloud Intrusion Detection System (Cloud IDS)

Get alerts when Cloud IDS detects malicious activity.

Cloud VPN

Connect your infrastructure to Google Cloud on your terms, from anywhere.

Identity-Aware Proxy (IAP)

Use identity and context to guard access to your applications and VMs.

Spectrum Access System

Manage the wireless communications of devices transmitting in the Citizens Broadband Radio Spectrum (CBRS) band.

VPC Service Controls

Protect sensitive data in Google Cloud services using security perimeters.

Application security

Protect your workloads against denial-of-service attacks, web application attacks, and other security threats.

Binary Authorization

Deploy only trusted containers on Google Kubernetes Engine.

Certificate Manager

Acquire and manage TLS (SSL) certificates for use with Cloud Load Balancing and Media CDN.

Cloud Armor

Help protect your services against DoS and web attacks.

Cloud Load Balancing

Scale and distribute app access with high-performance load balancing.

Identity-Aware Proxy (IAP)

Manage access to applications running in App Engine standard environment, App Engine flexible environment, Compute Engine, and GKE.

reCAPTCHA Enterprise

Protect your organization's website from fraudulent activity, spam, and abuse.

Secure Web Proxy

Migrate to Google Cloud while keeping your organization's existing security policies and requirements for outbound web traffic.

Web Risk

Detect malicious URLs on your organization's website and in client applications.

Detect malicious URLs in Web Risk

Follow guidance to install and run the sample app to detect malicious URLs in a Go environment.

Security operations

Detect vulnerabilities, threats, and misconfigurations.

Advisory Notifications

Receive well-targeted, timely, and compliant communications about security and privacy events in the Google Cloud console.

Google Security Operations

Detect, investigate, and respond to cyber threats with SIEM and SOAR technology. Extract signals to find threats and automate the response.

Security Command Center

Understand your security and data attack surface.

Google Threat Intelligence

Know who's targeting your organization with unparalleled visibility into the global threat landscape.

Access management

Provide unified, federated identity with least privilege policies to reduce the risk of data breaches and other security incidents.

Identity and Access Management (IAM) Recommender

Identify excess permissions using policy insights.

Certificate Authority Service

Simplify, automate, and customize the deployment, management, and security of private certificate authorities (CA).

Identity and Access Management (IAM)

Establish fine-grained identity and access management for Google Cloud resources.

Access Context Manager

Allow organization administrators to define fine-grained, attribute-based access control for projects and resources in Google Cloud.

Plan identity and access management

Plan your design for granting the right individuals access to the right resources for the right reasons.open_in_new

Ensure access and identity

Study fundamental features of cloud security related to access management and identity.open_in_new

Security and IAM planning resources

Plan your approach with Architecture Center resources across a variety of identity and access management topics.open_in_new

Auditing, monitoring, and logging

Collect, store, analyze, and monitor your organization's aggregated platform and system logs with a comprehensive solution.

Access Transparency

Get visibility over your organization’s cloud provider through near real-time logs.

Cloud Audit Logs

Gain visibility into who did what, when, and where for all user activity on Google Cloud.

Cloud Logging

Store, search, analyze, monitor, and alert on log data and events from Google Cloud and AWS.

Cloud Monitoring

Get visibility into the performance, availability, and overall health of cloud-powered applications.

Cloud provider access management

Use this group of products for progressively greater transparency and control over access to your content stored in Google Cloud.

Personalized Service Health

Identify Google Cloud service disruptions relevant to your projects so you can manage and respond to them efficiently.

Network Intelligence Center

Use a single console for comprehensive network monitoring, verification, and optimization.

Endpoint Verification

Create an inventory of devices running Chrome OS and Chrome Browser that access your organization's data.

Cloud governance

Manage your resources in a secure and compliant way with visibility and control over your cloud environment.

Assured Workloads

Secure your workloads and accelerate your path to running compliant workloads on Google Cloud.

Cloud Asset Inventory

View, monitor, and analyze Google Cloud and Anthos assets across projects and services.

Organization Policy Service

Centralized and programmatic control over your organization's cloud resources.

Policy Intelligence

Control resources and manage access through policies to proactively improve your security configuration.

Resource Manager

Centralized and programmatic control over your organization's cloud resources.

Risk Manager / Risk Protection Program

Evaluate your organization's security posture and connect with insurance partners to obtain specialized cyber cover for Google Cloud.

Compliance and privacy

Compliance center

View certifications, documentation, and third-party audits to help support your compliance.

Privacy resource center

Discover how we protect the privacy of Google Cloud Platform and Google Workspace customers.

Assured workloads

Secure your workloads and accelerate your path to running compliant workloads.

Policy violation notifications support

View answers to frequently asked questions about Google Cloud policy violations.open_in_new

Data residency service availability

View a list of services that can be configured for data location.open_in_new

Sovereign Controls by Partners

Meet digital sovereignty requirements for Google Cloud by Partners.

T-Systems Sovereign Cloud

Meet digital sovereignty requirements for Google Cloud by T-Systems.

Secure software supply chain

Software Delivery Shield overview

Implement a fully managed, end-to-end software supply chain security solution.

Artifact Registry

Store, manage, and secure container images and language packages.

Artifact Analysis

Provide software composition analysis, metadata storage and retrieval.

Assured Open Source Software

Provide enterprise users of open source software with trusted OSS packages.

Cloud Build

Continuously build, test, and deploy containers using the Google Cloud infrastructure.

Binary Authorization

Deploy only trusted containers on Google Kubernetes Engine.

Authentication and identity

Authentication methods

Basics of authentication methods and concepts for Google Cloud services and get help with implementation or troubleshooting.

Cloud Identity

Manage user identities, devices, and applications from one console.

Identity Platform

Add Google-grade identity and access management to your apps.

Managed Service for Microsoft Active Directory

Use a highly available, hardened service running Microsoft Active Directory (AD).

Titan Security Keys

Provides phishing-resistant 2nd factor of authentication for high-value users.open_in_new

Ensure access and identity

Study fundamental features of cloud security related to access management and identity.open_in_new

Additional products and resources

Backup and DR Service

A managed backup and disaster recovery (DR) service for centralized and application-consistent data protection in Google Cloud.

Anti Money Laundering AI

Increase anti money laundering detection accuracy and efficiency.

Network Service Tiers

Optimize connectivity between systems on the internet and your Google Cloud instances.

Risk Manager

Evaluate your organization's security posture and connect with insurance partners to obtain specialized cyber insurance coverage for Google Cloud.

Shielded VM

VMs on Google Cloud hardened by a set of security controls that help defend against rootkits and bootkits.