< ciso
brief />
Tag Banner

All news with #google cloud tag

423 articles · page 8 of 22

Double Agents: Security Blind Spots in Vertex AI on GCP

🔒 Unit 42 researchers discovered that AI agents deployed with Google Cloud’s Vertex AI ADK can inherit overly broad default permissions, enabling a deployed agent to leak service‑agent credentials and act as a “double agent.” By exploiting the Per‑Project, Per‑Product Service Agent (P4SA), the team pivoted into consumer projects and downloaded restricted Artifact Registry images from Google‑managed producer projects. Google collaborated with Unit 42, updated documentation, and recommended Bring Your Own Service Account (BYOSA) as a mitigation. Palo Alto Networks highlights protection via Prisma AIRS, Cortex Cloud Identity Security, and Cortex AI‑SPM.
read more →

ID.me Scales Identity Platform with AlloyDB on Google Cloud

🔒 ID.me moved its identity platform to Google Cloud to handle massive scale and improve AI-driven fraud detection. The team migrated over 50 TB across 15 database instances and adopted a two-tier architecture using AlloyDB for heavy workloads and Cloud SQL for standard services. This reduced provisioning and maintenance overhead, sped development from weeks to days, and lowered data-team work time by 40% while enabling real-time fraud analysis.
read more →

RSAC 2026: Securing AI and the Workforce of Tomorrow

🔐 At RSAC 2026, Google Cloud leaders outlined a three-stage AI adoption journey—automate tasks, redesign workflows, and rethink functions—and stressed the need for a bilingual workforce fluent in both domain and AI. They warned that AI expands the attack surface across models, agents, and data, urging multi-model, multicloud resilience and identity-centric defenses. Google highlighted the Secure AI Framework, partnerships to counter supply-chain threats like OpenClaw, and agentic SOC innovations, including the acquisition of Wiz and its AI-Application Protection Platform.
read more →

How Google Does It: Inside Look at Cybersecurity Practices

🔐 This collection from Google Cloud offers a behind-the-scenes look at how Google approaches modern cybersecurity challenges, from fundamentals to AI. Across practical essays and expert perspectives, it covers modernizing threat detection, building AI agents for defense, red teaming at scale, vulnerability management and supply chain controls like Binary Authorization. The pieces emphasize operational rigor, the application of SRE to security, and a commitment to Secure by Design principles to help defenders adopt scalable, enterprise-ready practices.
read more →

Vail Resorts Launches AI Concierge for Personalized Passes

🎿 My Epic Assistant is an AI-powered concierge built by Vail Resorts with Google Cloud and partner 66degrees to deliver personalized recommendations across passes, lessons, and resort services. The assistant uses multi-agent orchestration, webhook-supplied user attributes, and a structured pass matrix to generate tailored pass suggestions and actionable content cards. Since launch, it has reduced escalations to human agents by 45%, speeding support while preserving brand and policy controls.
read more →

Build Production-Ready AI Agents with Google MCP Servers

🔒 Google-managed MCP servers provide enterprise-grade, production-ready endpoints that let AI agents securely call Google services such as Maps, BigQuery, GKE, and Cloud Run. They remove infrastructure overhead by handling hosting, scaling, and reliability while integrating with Cloud IAM, VPC-SC, and Model Armor for governance and inline content filtering. Built-in observability via Cloud Audit Logs ensures traceability of tool calls for compliance and troubleshooting.
read more →

Cloud SQL Powers Manhattan Associates' AI Supply Chain

🚀 Manhattan Associates modernized its Manhattan Active SaaS platform by migrating from legacy Oracle and DB2 to Google Cloud databases. Cloud SQL and BigQuery now power core transactions and real-time analytics, enabling over a billion API calls per day with average responses under 150 ms. Containerized microservices on GKE, Pub/Sub streaming, and managed observability deliver automated failover, cross-region recovery, and faster feature delivery. The shift reduced manual scaling and licensing overhead while boosting operational agility and resilience.
read more →

Red Hat OpenShift on Google Cloud: Migration Updates

🔔 Google Cloud announced integrations and product updates to simplify running Red Hat OpenShift on its platform, including Google Cloud Cluster Services for OpenShift, a guided console cluster-creation experience, and the general availability of OpenShift Virtualization on OpenShift Dedicated. The updates emphasize cost optimization via custom machine types, Hyperdisk, and Axion processors, joint engineering with Red Hat, and configuration validation through Workload Manager to help migrate and modernize clusters. Supported integrations and middleware plugins aim to preserve OpenShift-native architecture while enabling selective adoption of managed Google services.
read more →

FM Logistic Optimizes Warehouse Routing with AlphaEvolve

🚚 FM Logistic used AlphaEvolve on Google Cloud to tackle large-scale warehouse routing by applying evolutionary code generation powered by Gemini models. Starting from an existing stepwise routing baseline, the agent generated, scored, and iterated thousands of candidate algorithms against a representative dataset to minimize average travel distance per pick while avoiding operational failures. The adapted routing logic delivered a 10.4% efficiency improvement and reduced annual warehouse travel by more than 15,000 km.
read more →

Orchestrator Pattern for Distributed AI Agents at Scale

🤖 The post proposes the orchestrator pattern to turn monolithic AI scripts into a team of specialized, distributed microservices that integrate directly with existing frontends. It demonstrates using Google's Agent Development Kit (ADK), the Agent-to-Agent (A2A) protocol, and Cloud Run to host separate researcher, judge, and orchestrator services. The design enables independent scaling, strict JSON contracts for reliable decision-making, and language-agnostic implementations. The authors emphasize production hardening: secure agent endpoints, mitigate latency across hops, and implement robust retries and error handling.
read more →

Cloud SQL Read Pools Add Autoscaling for MySQL, PostgreSQL

🚀 Cloud SQL now supports autoscaling for read pools in MySQL and PostgreSQL, enabling dynamic adjustment of read-replica capacity based on CPU utilization or average database connections. Read pools present a single stable read endpoint for 1–20 nodes, simplifying application configuration during traffic spikes. Autoscaling is generally available with the Enterprise Plus edition and helps reduce operational overhead, optimize costs by scaling in during low demand, and maintain high availability.
read more →

Memorystore: Valkey 9.0 Now GA with Performance Gains

🚀 Google Cloud has made Valkey 9.0 generally available on Memorystore, delivering substantial throughput and latency improvements for high-performance caches and message queues. The release builds on IO-threading work and introduces pipeline memory prefetching, zero-copy responses, and SIMD-optimized commands to improve real-world performance at scale. New developer features include per-field hash expirations, GEOSEARCH BYPOLYGON, and DELIFEQ for safer distributed locks without Lua. Customers reported meaningful gains during preview, and existing instances can be upgraded in-place with no downtime.
read more →

Multi-Cluster GKE Inference Gateway for Scalable AI

🚀 Google Cloud announced the preview of the multi-cluster GKE Inference Gateway, an extension of the GKE Gateway API that provides model-aware, intelligent load balancing across multiple GKE clusters and regions. It centralizes ingress configuration in a dedicated "config cluster" while exporting model-serving backends from distributed "target clusters." The gateway pools GPUs/TPUs, supports routing based on custom metrics, and offers in-flight request limits to optimize latency, utilization, and fault tolerance.
read more →

Google Cloud and NVIDIA Expand AI Hypercomputer Partnership

🚀 At NVIDIA GTC 2026, Google Cloud announced an expanded co‑engineering partnership with NVIDIA centered on the new Google Cloud AI Hypercomputer, designed to address the infrastructure demands of agentic and large-scale MoE workloads. The updates include momentum for G4 VMs powered by NVIDIA RTX Pro 6000 Server Edition, a preview of fractional G4 VMs using NVIDIA vGPU, and planned support for NVIDIA Vera Rubin NVL72 rack systems. Software integrations such as NVIDIA Dynamo with GKE Inference Gateway, Vertex AI Model Garden additions, and a public sector AI startup accelerator target lower latency, higher throughput, and more flexible consumption for inference and training.
read more →

Cloud Run: IAP integration and DRS-compatible public access

🔒 Cloud Run now supports direct Identity-Aware Proxy (IAP) integration and a new option to allow public access compatible with Domain Restricted Sharing. Enable IAP with a single click or via the --iap flag without provisioning load balancers, bringing context-aware, enterprise-grade authentication to serverless apps at no added load balancer cost. The 'Allow Public access' toggle disables the IAM invoker check to support public websites or private microservices that rely on network-level or organizational controls, and IAP’s CORS handling permits unauthenticated OPTIONS for preflight while authenticating other requests.
read more →

Why Context Matters for AI Data Security with SDP Now

🔒 Google Cloud’s Sensitive Data Protection (SDP) now applies advanced AI context classifiers and image object detectors to identify and redact sensitive content across text and images. It detects medical and financial contexts, faces, passports, credit cards, and other PII, and can generate redacted versions so organizations keep valuable training data while protecting privacy. SDP supports both Vertex AI tuning and live agent interactions and integrates with Model Armor, Security Command Center, and contact center solutions.
read more →

Telus Digital Confirms Breach After Massive Data Theft

🔒 Telus Digital has confirmed a cybersecurity incident after threat actors identifying as ShinyHunters claimed to have exfiltrated nearly 1 petabyte of data from the company's BPO systems over several months. The attackers say they used Google Cloud credentials found in the Salesloft/Drift breach to access a large BigQuery instance and then used trufflehog to locate additional secrets and pivot to other systems. Telus says it discovered unauthorized access to a limited number of systems, engaged forensic experts, is investigating what was stolen and which customers were affected, and reports no evidence of customer connectivity or service disruption.
read more →

LeakyLooker: Nine Cross-Tenant Flaws in Looker Studio

🔒 Tenable Research disclosed nine cross-tenant vulnerabilities, collectively named LeakyLooker, in Looker Studio that could allow attackers to run arbitrary SQL and access datasets across tenants. The flaws affected connectors including BigQuery, Spanner, PostgreSQL, MySQL, Google Sheets and Cloud Storage and involved SQL injection, data leaks via report elements and a BigQuery denial-of-wallet issue. Google has applied global fixes to its fully managed service and no customer action is required, though organisations should review sharing settings and limit unused connectors.
read more →

Google Completes Acquisition of Wiz to Boost Cloud Security

🔐 Google has completed its acquisition of Wiz, which will join Google Cloud while retaining the Wiz brand. The combined offering delivers an AI-powered cloud security platform that unifies visibility across cloud, hybrid, and multicloud environments to prevent, detect, and respond to threats. Customers can expect continued support for AWS, Azure, Oracle, and on-premises systems, along with integrations to Google Threat Intelligence and Mandiant consulting. The acquisition is positioned to accelerate AI-native security capabilities, simplify code-to-cloud defenses, and reduce operational toil for security teams.
read more →

Cloud Threat Horizons: Emerging Cloud Exploitation Risk

⚠️ The Cloud Threat Horizons report from Google Cloud's Office of the CISO warns that AI-assisted exploitation has compressed the window from vulnerability disclosure to active attacks from weeks to days. In H2 2025, third-party software flaws became the leading initial access vector, surpassing weak credentials. The report urges automated defenses, identity-based controls, and tamper-resistant logging to improve forensic readiness.
read more →