Google Cybersecurity Action Team
The world’s premier security advisory team has the singular mission of supporting the security and digital transformation of governments, critical infrastructure, enterprises, and small businesses.
Strategic advisory services
We advise our customers on security strategies and the structure of your digital security transformation program, and provide program management and professional services support, including transformation workshops and educational content.
Trust and compliance services
We map our global compliance certifications to industry control frameworks, enabling you to simplify your compliance journey, and can advise on specific mappings as part of onboarding or growth of your workloads.
Security customer and solutions engineering
We deliver proven blueprints and architectures for deploying Google Cloud products and services securely and in accordance with regulatory requirements, as well as comprehensive solutions for autonomic security operations, cyber resilience, and more.
Threat intelligence and incident response services
We guide customers through the cycle of security transformation—from your first transformation roadmap and implementation through increasing your cyber-resilience preparedness for potential events and incidents and engineering new solutions as your requirements change.
Security transformation resources from our Office of the CISO
CISO's Guide to Security Transformation
Our paper shares our thinking, based on our experience working with CISOs and their teams, on how best to drive security transformation with a move to the cloud.
Monthly Cloud CISO Perspectives Blog
Our perspectives on the biggest announcements and trends in cybersecurity from Google Cloud and from across the industry
Risk governance of digital transformation
Our paper serves as a guide for risk, compliance, and audit teams on how to manage risk governance in your digital transformation journey to the cloud.
Strengthening operational resilience for FinServ
Read about how financial services firms can leverage Google Cloud capabilities and solutions to manage operational risks and help ensure operational resilience.
Building secure and reliable systems
In this book, experts from Google share best practices to help your organization design scalable and reliable systems that are fundamentally secure.
Board of Directors Handbook for Cloud Risk Governance
The board of directors plays a key role in overseeing and supporting management on this journey, and our new paper is designed to provide a framework and handbook for boards of directors in that position.
Software supply chain security resources
A service developed and hosted by Google to help developers better understand the structure, construction, and security of open source software packages.
SLSA (Supply-chain Levels for Software Artifacts)
A security framework from source to service, giving anyone working with software a common language for increasing levels of software security and supply chain integrity.
Cross-industry collaboration to improve the security of open source software. Home to efforts such as Scorecards and Allstar.
The Secure Open Source Rewards pilot program financially rewards developers for enhancing the security of critical open source projects that we all depend on.
Google Cloud's Container Security Event
Learn how you can adopt an in-depth, security-first approach with Google Cloud that embeds security and compliance at every step of your software lifecycle.
Zero trust resources
Google's site dedicated to sharing information about our implementation of zero trust access, including research papers that describe our journey from concept through implementation.
Google Cloud's productized offering for zero trust access on and off our platforms.
How Google takes a zero trust approach to running cloud-native production services at scale.
A unified and proven Zero Trust system with BeyondCorp and BeyondProd
How Google has applied a zero trust approach to most aspects of our operations.
Google Cloud security solutions
Security and Resilience Framework
Help ensure continuity and protect your business against adverse cyber events by using our comprehensive suite of security and resilience solutions.
Exceptional threat management through a modern, cloud-native stack. Deep integrations with third-party tools and a powerful engine to create connective tissue and stitch your defenses together. Facilitate your SOC transformation.
Web App and API Protection (WAAP)
Protect your applications and APIs against threats and fraud, help ensure availability and compliance.
Risk and compliance as code (RCaC)
Embrace automation to transform your security and compliance function to adhere to the speed and agility of DevOps, reduce risk, and create value in the cloud securely.
- Our sixth Threat Horizons report is released (full report)
- Our "State of Cloud Threat Detection and Response Report" is released (full report)
- Our new threat intelligence report "Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape" is released (full report)
- Our fifth Threat Horizons report is released (full report)
- Our new research report on software supply chain security is out
- Our new paper on API security is released (full paper)
- Our fourth Threat Horizons report is released (full report)
- Our new paper on threat detection in the cloud is released (full paper)
- Our new paper on modern data security is released (full paper, blog)
- Our third Threat Horizons report is released (full report)
- Our second Threat Horizons report is released (full report, summary)
- A new Office of the CISO paper "Board of Directors Handbook for Cloud Risk Governance" is released (full paper, summary)
- Our first Threat Horizons report is released (full report, summary)
Our comprehensive suite of security solutions, delivered through our platform and amplified by the Google Cybersecurity Action Team, will help protect organizations against adverse cyber events with capabilities that address industry frameworks and standards.
Learn more about the areas in which our team works.