Security and identity

We offer security products that help you meet your policy, regulatory, and business objectives. The rich set of controls and capabilities we offer is always expanding.

Explore our products

Category Product Key features
Security
Access Transparency

Cloud provider visibility through near real-time logs.

  • check_circle_filled_black_24dp (1)

    Explicitly approve access with Access approval

  • check_circle_filled_black_24dp (1)

    Access justifications shows the reason for access

  • check_circle_filled_black_24dp (1)

    Resource and method identification

Assured Workloads (beta)

Compliance and security controls for sensitive workloads.

  • check_circle_filled_black_24dp (1)

    Enforcement of data location

  • check_circle_filled_black_24dp (1)

    Limit personnel access

  • check_circle_filled_black_24dp (1)

    Built-in security controls

  • check_circle_filled_black_24dp (1)

    Enforcement of product deployment location

Binary Authorization

Deploy only trusted containers on Kubernetes Engine.

  • check_circle_filled_black_24dp (1)

    Policy creation based on your security needs

  • check_circle_filled_black_24dp (1)

    Policy verification and enforcement

  • check_circle_filled_black_24dp (1)

    Cloud Security Command Center integration

  • check_circle_filled_black_24dp (1)

    Audit logging

Chronicle

Extract signals from your security telemetry to find threats instantly.

  • check_circle_filled_black_24dp (1)

    Infinitely elastic

  • check_circle_filled_black_24dp (1)

    Fixed pricing

  • check_circle_filled_black_24dp (1)

    Unparalleled storage

  • check_circle_filled_black_24dp (1)

    Easy to manage

Cloud Asset Inventory

View, monitor, and analyze Google Cloud and Anthos assets across projects and services.

  • check_circle_filled_black_24dp (1)

    Fully managed inventory service

  • check_circle_filled_black_24dp (1)

    Export all your assets at a point of time

  • check_circle_filled_black_24dp (1)

    Export asset change history

  • check_circle_filled_black_24dp (1)

    Real-time notification on asset config change

Cloud Data Loss Prevention

Sensitive data inspection, classification, and redaction platform.

  • check_circle_filled_black_24dp (1)

    Data discovery and classification

  • check_circle_filled_black_24dp (1)

    Mask your data to safely unlock more of the cloud

  • check_circle_filled_black_24dp (1)

    Measure re-identification risk in structured data

Cloud Key Management

Manage encryption keys on Google Cloud.

  • check_circle_filled_black_24dp (1)

    Centrally manage encryption keys

  • check_circle_filled_black_24dp (1)

    Deliver hardware key security with HSM

  • check_circle_filled_black_24dp (1)

    Provide support for external keys with EKM

  • check_circle_filled_black_24dp (1)

    Be the ultimate arbiter of access to your data

Confidential Computing (beta)

Encrypt data in use with Confidential VMs.

  • check_circle_filled_black_24dp (1)

    Real-time encryption in use

  • check_circle_filled_black_24dp (1)

    Lift and shift confidentiality

  • check_circle_filled_black_24dp (1)

    Enhanced innovation

Firewalls

Global and flexible firewalls to protect your cloud resources.

  • check_circle_filled_black_24dp (1)

    Hierarchical firewall policies

  • check_circle_filled_black_24dp (1)

    VPC firewall rules

  • check_circle_filled_black_24dp (1)

    Firewall insights

  • check_circle_filled_black_24dp (1)

    Firewall rules logging

Secret Manager

Store API keys, passwords, certificates, and other sensitive data.

  • check_circle_filled_black_24dp (1)

    Replication policies

  • check_circle_filled_black_24dp (1)

    First-class versioning

  • check_circle_filled_black_24dp (1)

    Cloud IAM integration

  • check_circle_filled_black_24dp (1)

    Audit logging

Security Command Center

Platform for defending against threats to your Google Cloud assets.

  • check_circle_filled_black_24dp (1)

    Centralized visibility and control

  • check_circle_filled_black_24dp (1)

    Threat prevention

  • check_circle_filled_black_24dp (1)

    Threat detection

  • check_circle_filled_black_24dp (1)

    Asset discovery and inventory

Shielded VMs

Virtual machines hardened with security controls and defenses.

  • check_circle_filled_black_24dp (1)

    Verifiable integrity with secure and measured boot

  • check_circle_filled_black_24dp (1)

    vTPM exfiltration resistance

  • check_circle_filled_black_24dp (1)

    Trusted UEFI firmware

  • check_circle_filled_black_24dp (1)

    Tamper-evident attestations

VPC Service Controls

Protect sensitive data in Google Cloud services using security perimeters.

  • check_circle_filled_black_24dp (1)

    Helps mitigate data exfiltration risks

  • check_circle_filled_black_24dp (1)

    Centrally manage multi-tenant service access at scale

  • check_circle_filled_black_24dp (1)

    Establish virtual security perimeters

  • check_circle_filled_black_24dp (1)

    Deliver independent data access control

Identity and Access
Certificate Authority Service (beta)

Simplify the deployment and management of private CAs.

  • check_circle_filled_black_24dp (1)

    Deploy in minutes

  • check_circle_filled_black_24dp (1)

    Simpler deployment and management

  • check_circle_filled_black_24dp (1)

    Pay-as-you-go

  • check_circle_filled_black_24dp (1)

    Customize to your needs

Cloud Identity

Unified platform for IT admins to manage user devices and apps.

  • check_circle_filled_black_24dp (1)

    Advanced account security

  • check_circle_filled_black_24dp (1)

    Device security on Android, iOS, and Windows

  • check_circle_filled_black_24dp (1)

    Automated user provisioning

  • check_circle_filled_black_24dp (1)

    Unified management console

Context-aware access

Manage access to apps and infrastructure based on a user’s identity and context.

  • check_circle_filled_black_24dp (1)

    VPN-less user access

  • check_circle_filled_black_24dp (1)

    Zero trust security

  • check_circle_filled_black_24dp (1)

    Built-in with Google Cloud and Google Workspace

  • check_circle_filled_black_24dp (1)

    Cloud or on-premises

Identity and Access Management

Permissions management system for Google Cloud resources.

  • check_circle_filled_black_24dp (1)

    Single access control interface

  • check_circle_filled_black_24dp (1)

    Fine-grained control

  • check_circle_filled_black_24dp (1)

    Automated access control recommendations

  • check_circle_filled_black_24dp (1)

    Context-aware access

Identity-Aware Proxy

Use identity and context to guard access to your applications and VMs.

  • check_circle_filled_black_24dp (1)

    Centralized access control

  • check_circle_filled_black_24dp (1)

    Works with cloud and on-premises apps

  • check_circle_filled_black_24dp (1)

    Protects apps and VMs

  • check_circle_filled_black_24dp (1)

    Simpler for admins and remote workers

Identity Platform

Add Google-grade identity and access management to your apps.

  • check_circle_filled_black_24dp (1)

    Authentication as a service

  • check_circle_filled_black_24dp (1)

    Broad protocol support

  • check_circle_filled_black_24dp (1)

    Multi-tenancy

  • check_circle_filled_black_24dp (1)

    Intelligent account protection

Managed Service for Microsoft Active Directory

Hardened service running Microsoft® Active Directory (AD).

  • check_circle_filled_black_24dp (1)

    Compatibility with AD-dependent apps

  • check_circle_filled_black_24dp (1)

    Familiar features and tools

  • check_circle_filled_black_24dp (1)

    Multi-region and hybrid identity support

  • check_circle_filled_black_24dp (1)

    Automatic patching

Policy Intelligence

Smart access control for your Google Cloud resources.

  • check_circle_filled_black_24dp (1)

    Smart access control

  • check_circle_filled_black_24dp (1)

    Helps you understand and manage policies

  • check_circle_filled_black_24dp (1)

    Greater visibility

  • check_circle_filled_black_24dp (1)

    Advanced automation

Resource Manager

Hierarchical management for organizing resources on Google Cloud.

  • check_circle_filled_black_24dp (1)

    Centrally control your organization’s resources

  • check_circle_filled_black_24dp (1)

    Manage IAM across your organization

  • check_circle_filled_black_24dp (1)

    Use Cloud Asset Inventory

  • check_circle_filled_black_24dp (1)

    Track and manage projects

Titan Security Key

Two-factor authentication device for user account protection.

  • check_circle_filled_black_24dp (1)

    Phishing-resistant 2FA

  • check_circle_filled_black_24dp (1)

    Tamper-resistant hardware

  • check_circle_filled_black_24dp (1)

    Multiple form factors to ensure device compatibility

User Protection Services
reCAPTCHA Enterprise

Help protect your website from fraudulent activity, spam, and abuse.

  • check_circle_filled_black_24dp (1)

    Scores that indicate likely good or abusive actions

  • check_circle_filled_black_24dp (1)

    Take action based on scores

  • check_circle_filled_black_24dp (1)

    Tune the service to your website’s needs

  • check_circle_filled_black_24dp (1)

    Flexible API; integrate on your site or mobile app

Web Risk

Detect malicious URLs on your website and in client applications.

  • check_circle_filled_black_24dp (1)

    Check against comprehensive list of known unsafe URLs

  • check_circle_filled_black_24dp (1)

    Application agnostic

  • check_circle_filled_black_24dp (1)

    Allow client apps to check URLs with Lookup API

  • check_circle_filled_black_24dp (1)

    Download and store unsafe lists with Update API

Category