< ciso
brief />
Tag Banner

All news with #google tag

584 articles · page 26 of 30

Agile, Fungible Data Centers for the AI Era: Standards

🚀 Google outlines designs for agile, fungible data centers to meet explosive AI demand, advocating modular, interoperable architectures and late-binding of facility resources. It highlights Project Deschutes liquid cooling, +/-400Vdc power proposals with Mt. Diablo side-car designs, and open efforts like Caliptra 2.0 and OCP L.O.C.K.. The post calls for community standards across power, cooling, telemetry, networking, and security to improve resilience, sustainability, and operational flexibility.
read more →

Google Introduces LLM-Evalkit for Prompt Engineering

🧭 LLM-Evalkit is an open-source, lightweight application from Google that centralizes and streamlines prompt engineering using Vertex AI SDKs. It provides a no-code interface for creating, versioning, testing, and benchmarking prompts while tracking objective performance metrics. The tool promotes a dataset-driven evaluation workflow—define the task, assemble representative test cases, and score outputs against clear metrics—to replace ad-hoc iteration and subjective comparisons. Documentation and a guided console tutorial are available to help teams adopt the framework and reproduce experiments.
read more →

Getting Started with Chaos Engineering on Google Cloud

⚙️ This post introduces the fundamentals of chaos engineering and explains why deliberately injecting controlled failures helps teams build more resilient cloud-native systems. It covers core principles — such as defining a steady-state hypothesis, limiting blast radius, replicating realistic failure modes, and automating experiments — and translates them into practical steps for experiment design, fault injection, probing, and rollback. The article recommends using Chaos Toolkit and points to Google Cloud–specific recipes to help engineers begin safely and iteratively.
read more →

Google transitions to cryptographic media sanitization

🔐 Google will transition in November 2025 from overwrite-based media sanitization to cryptographic erasure, using default encryption to render data unrecoverable by securely deleting encryption keys rather than overwriting drives. Recognized in NIST SP 800-88, this method is faster and better suited to modern storage technologies. Google says it will apply a layered, defense-in-depth model with independent verification, key rotations, and protections for device secrets to maintain strong safeguards.
read more →

Chrome to revoke notification access for inactive sites

🔕 Google is updating Chrome to automatically revoke website notification permissions for sites that haven't been visited recently on both desktop and Android. The feature targets sites that send a high volume of notifications while receiving very low user engagement — Google found under 1% of alerts generate interactions. Chrome will notify users when a permission is removed and makes it easy to restore access via Safety Check or by revisiting the site and opting back in. Users who prefer to keep persistent notifications can disable the automatic revocation entirely.
read more →

Google Launches AI Vulnerability Reward Program for AI

🔒 Google has launched an AI Vulnerability Reward Program (AI VRP) offering base rewards up to $20,000 and up to $30,000 with multipliers for validated AI-product bugs. The program moves AI-related reports from the Abuse VRP into a dedicated stream to simplify submissions and unify reward assessment. In-scope products include Search, Gemini apps and Workspace, and qualifying issues cover data exfiltration, phishing enablement and model theft. Content-focused prompt injections and jailbreaks remain out of scope and should be reported via in-product tools.
read more →

Google Introduces Gemini Enterprise for the Workplace

🚀 Gemini Enterprise is presented as Google’s unified, enterprise-grade AI front door that integrates advanced models, a no-code workbench, pre-built and customizable agents, secure data connectors, centralized governance, and an open partner ecosystem. The chat-first interface works across Google Workspace and Microsoft 365 and adds multimodal agents for text, image, video, and speech. Google highlights developer tooling, open agent protocols, agent monetization, and customer deployments to accelerate end-to-end workflow automation and auditable governance.
read more →

Google Skills: Centralized AI and Cloud Learning Hub

🚀 Google today launched Google Skills, a unified learning platform consolidating nearly 3,000 courses and labs from Google Cloud, Google DeepMind, Grow with Google and Google for Education. The rollout, timed with the release of Gemini Enterprise, integrates Gemini Code Assist into hands-on labs, introduces new skill badges, and adds gamified features and admin tools for organizations. A new GEAR sprint will target one million developers for agent development, and a partnership with Jack Henry creates a direct hiring pathway for U.S. certificate holders.
read more →

Partners Powering the Gemini Enterprise Agent Ecosystem

🚀 Gemini Enterprise launches a curated ecosystem of partner-built AI agents that integrate with Google Cloud to deliver validated, secure solutions for enterprise workflows. The platform supports Agent2Agent (A2A) communication and includes a Gemini-powered AI agent finder for natural language discovery and filtering by industry, use case, and validation status. A broad set of technology and consulting partners — from Box and Salesforce to ServiceNow, Workday, and Accenture — are bringing agents and services to the Google Cloud Marketplace to accelerate deployment and adoption.
read more →

Defend the Target, Not Just the Door: Google Workspace

🛡️ Modern cloud work lives across email, files, chat, and a mesh of integrations, and attackers increasingly exploit trusted OAuth grants rather than compromising accounts directly. In early August the actor behind recent Salesforce intrusions used stolen Drift email tokens to access a small set of Google Workspace mailboxes; Google revoked the tokens and disabled the integration on August 9. Material Security advocates shifting from perimeter-only defenses to content-centric controls such as message-level MFA, OAuth governance, and automated containment to make stolen tokens far less damaging.
read more →

Google DeepMind's CodeMender Automatically Patches Code

🛠️ Google’s DeepMind unveiled CodeMender, an AI agent that automatically detects, patches, and rewrites vulnerable code to remediate existing flaws and prevent future classes of vulnerabilities. Backed by Gemini Deep Think models and an LLM-based critique tool, it validates changes to reduce regressions and self-correct as needed. DeepMind says it has upstreamed 72 fixes to open-source projects so far and will engage maintainers for feedback to improve adoption and trust.
read more →

Google launches AI bug bounty program; rewards up to $30K

🛡️ Google has launched a new AI Vulnerability Reward Program to incentivize security researchers to find and report flaws in its AI systems. The program targets high-impact vulnerabilities across flagship offerings including Google Search, Gemini Apps, and Google Workspace core apps, and also covers AI Studio, Jules, and other AI integrations. Rewards scale with severity and novelty—up to $30,000 for exceptional reports and up to $20,000 for standard flagship security flaws. Additional bounties include $15,000 for sensitive data exfiltration and smaller awards for phishing enablement, model theft, and access control issues.
read more →

DeepMind's CodeMender: AI Agent to Fix Code Vulnerabilities

🔧 Google DeepMind has unveiled CodeMender, an autonomous agent built on Gemini Deep Think models that detects, debugs and patches complex software vulnerabilities. In the last six months it produced and submitted 72 security patches to open-source projects, including codebases up to 4.5 million lines. CodeMender pairs large-model reasoning with advanced program-analysis tooling — static and dynamic analysis, differential testing, fuzzing and SMT solvers — and a multi-agent critique process to validate fixes and avoid regressions. DeepMind says all patches are currently human-reviewed and it plans to expand maintainer outreach, release the tool to developers, and publish technical findings.
read more →

Five Best Practices for Effective AI Coding Assistants

🛠️ This article presents five practical best practices to get better results from AI coding assistants. Based on engineering sprints using Gemini CLI, Gemini Code Assist, and Jules, the recommendations cover choosing the right tool, training models with documentation and tests, creating detailed execution plans, prioritizing precise prompts, and preserving session context. Following these steps helps developers stay in control, improve code quality, and streamline complex migrations and feature work.
read more →

Google launches CodeMender, AI VRP and SAIF 2.0 to defend

🔒 Google announced a set of AI security measures: the AI-powered agent CodeMender, a dedicated AI Vulnerability Reward Program (AI VRP), and Secure AI Framework 2.0 (SAIF 2.0). CodeMender leverages advanced reasoning to find, self-validate, and propose patches at scale. SAIF 2.0 introduces an agent risk map and secure-by-design controls, while the AI VRP centralizes reporting and incentives to accelerate remediation.
read more →

Google advances AI security with CodeMender and SAIF 2.0

🔒 Google announced three major AI security initiatives: CodeMender, a dedicated AI Vulnerability Reward Program (AI VRP), and the updated Secure AI Framework 2.0. CodeMender is an AI-powered agent built on Gemini that performs root-cause analysis, generates self-validated patches, and routes fixes to automated critique agents to accelerate time-to-patch across open-source projects. The AI VRP consolidates abuse and security reward tables and clarifies reporting channels, while SAIF 2.0 extends guidance and introduces an agent risk map and security controls for autonomous agents.
read more →

Dataproc ML library: Connect Spark to Gemini and Vertex

🔗 Google has released an open-source Python library, Dataproc ML, to streamline running ML and generative-AI inference from Apache Spark on Dataproc. The library uses a SparkML-style builder pattern so users can configure a model handler (for example, GenAiModelHandler) and call .transform() to apply Gemini or other Vertex AI models directly to DataFrames. It also supports loading PyTorch and TensorFlow model artifacts from GCS for large-scale batch inference and includes performance optimizations such as vectorized data transfer, connection reuse, and automatic retry/backoff.
read more →

Gmail enterprise users can now send E2EE to anyone

🔒 Gmail enterprise users can now send end-to-end encrypted emails to recipients on any email platform by enabling the Additional encryption option when composing a message. Non-Gmail recipients receive a secure link to view and reply via a guest Google Workspace account, while Workspace-to-Workspace messages decrypt automatically for subscribers. The feature uses client-side encryption (CSE) so organizations can hold keys outside Google's servers to support data sovereignty and regulatory controls. Google began beta testing in April 2025 and will roll the feature out to Enterprise Plus customers with the Assured Controls add-on.
read more →

Google Pixel Phones Added to DoDIN APL for Federal Use

🔒 Google Pixel phones have been added to the DoDIN APL, allowing federal agencies to procure devices that meet Department of Defense network security requirements. Pixel 9 hardware and integrated on-device protections combine with Google Cloud for secure remote management, 5G connectivity, and AI-enabled workflows. Use cases include secure field capture, centralized analytics, and pilots such as TrackInspect for transit infrastructure safety.
read more →

F-Droid: Google developer verification may end project

⚠️ F-Droid warns that Google’s planned Developer Verification rule — requiring identity verification for all developers on certified Android devices starting in 2026 — could effectively end the project and restrict access to many free, open-source apps. F-Droid, which builds reproducible packages, checks for trackers and allows anonymous downloading without accounts, says many open-source authors will refuse to register or pay fees and that F-Droid cannot seize app identifiers on their behalf. Google says sideloading will remain possible for verified developers, with exemptions for hobbyists and no change to Android Studio workflows.
read more →