Our eighth Threat Horizons report is released (full report)

Google Cybersecurity Action Team

The world’s premier security advisory team has the singular mission of supporting the security and digital transformation of governments, critical infrastructure, enterprises, and small businesses. 

Cybersecurity Action Team logo

Strategic advisory services

We advise our customers on security strategies and the structure of your digital security transformation program, and provide program management and professional services support, including transformation workshops and educational content.

Strategic Advisory Services
Corporate desk photo

Trust and compliance services

We map our global compliance certifications to industry control frameworks, enabling you to simplify your compliance journey, and can advise on specific mappings as part of onboarding or growth of your workloads.

Security customer and solutions engineering

We deliver proven blueprints and architectures for deploying Google Cloud products and services securely and in accordance with regulatory requirements, as well as comprehensive solutions for autonomic security operations, cyber resilience, and more. 

Customer and Solutions Engineering
Picture of a cybersecurity team

Threat intelligence and incident response services

We offer threat briefings, Threat Horizons intelligence reports (first, second, third, fourth, fifth, sixth, seventh, eighth), preparedness drills, incident support, and rapid response engagements in order to keep your organization on top of the latest developments in the security landscape.

Our vision

We guide customers through the cycle of security transformation—from your first transformation roadmap and implementation through increasing your cyber-resilience preparedness for potential events and incidents and engineering new solutions as your requirements change.

Security transformation resources from our Office of the CISO

CISO's Guide to Security Transformation

Our paper shares our thinking, based on our experience working with CISOs and their teams, on how best to drive security transformation with a move to the cloud.

Monthly Cloud CISO Perspectives Blog

Our perspectives on the biggest announcements and trends in cybersecurity from Google Cloud and from across the industry

Risk governance of digital transformation

Our paper serves as a guide for risk, compliance, and audit teams on how to manage risk governance in your digital transformation journey to the cloud.

Strengthening operational resilience for FinServ

Read about how financial services firms can leverage Google Cloud capabilities and solutions to manage operational risks and help ensure operational resilience.

Building secure and reliable systems

In this book, experts from Google share best practices to help your organization design scalable and reliable systems that are fundamentally secure.

Board of Directors Handbook for Cloud Risk Governance

The board of directors plays a key role in overseeing and supporting management on this journey, and our new paper is designed to provide a framework and handbook for boards of directors in that position.

Software supply chain security resources

Open Source Insights

A service developed and hosted by Google to help developers better understand the structure, construction, and security of open source software packages.

SLSA (Supply-chain Levels for Software Artifacts)

A security framework from source to service, giving anyone working with software a common language for increasing levels of software security and supply chain integrity.

Open SSF

Cross-industry collaboration to improve the security of open source software. Home to efforts such as Scorecards and Allstar.

SOS Rewards

The Secure Open Source Rewards pilot program financially rewards developers for enhancing the security of critical open source projects that we all depend on.

Google Cloud's Container Security Event

Learn how you can adopt an in-depth, security-first approach with Google Cloud that embeds security and compliance at every step of your software lifecycle.

Zero trust resources


Google's site dedicated to sharing information about our implementation of zero trust access, including research papers that describe our journey from concept through implementation.

BeyondCorp Enterprise

Google Cloud's productized offering for zero trust access on and off our platforms.


How Google takes a zero trust approach to running cloud-native production services at scale.

A unified and proven Zero Trust system with BeyondCorp and BeyondProd

How Google has applied a zero trust approach to most aspects of our operations.

Google Cloud security solutions

Security and Resilience Framework

Help ensure continuity and protect your business against adverse cyber events by using our comprehensive suite of security and resilience solutions.

Autonomic Security Operations

Exceptional threat management through a modern, cloud-native stack. Deep integrations with third-party tools and a powerful engine to create connective tissue and stitch your defenses together. Facilitate your SOC transformation.

Web App and API Protection (WAAP)

Protect your applications and APIs against threats and fraud, help ensure availability and compliance.

Risk and compliance as code (RCaC)

Embrace automation to transform your security and compliance function to adhere to the speed and agility of DevOps, reduce risk, and create value in the cloud securely.

What's new?

  • A new paper "Applying Zero Trust on Google Cloud" is released (full paper)
  • Our eighth Threat Horizons report is released (full report)
  • A new Office of the CISO paper "Securing AI: Similar or Different?" is released (full paper)
  • Our seventh Threat Horizons report is released (full report)
  • A second "Perspectives on Security for the Board" report is released (full report)
  • A new "Secure AI Framework Approach" is released (blog, paper)
  • Our sixth Threat Horizons report is released (full report)
  • Our "State of Cloud Threat Detection and Response Report" is released (full report)
  • Our new threat intelligence report "Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape" is released (full report)
  • Our fifth Threat Horizons report is released (full report)
  • Our new research report on software supply chain security is out 
  • Our new paper on API security is released (full paper)
  • Our fourth Threat Horizons report is released (full report)
  • Our new paper on threat detection in the cloud is released (full paper)
  • Our new paper on modern data security is released (full paper, blog)
  • Our third Threat Horizons report is released (full report)
  • Our second Threat Horizons report is released (full report, summary)
  • A new Office of the CISO paper "Board of Directors Handbook for Cloud Risk Governance" is released (full paper, summary)
  • Our first Threat Horizons report is released (full report, summary)

Our comprehensive suite of security solutions, delivered through our platform and amplified by the Google Cybersecurity Action Team, will help protect organizations against adverse cyber events with capabilities that address industry frameworks and standards.