June 17, 2024


At Google Cloud, we function in a shared destiny mannequin, working in live performance with our prospects to assist obtain stronger safety outcomes. One of many methods we do that is to establish doubtlessly dangerous habits to assist prospects decide if motion is suitable. To this finish, we now present insights on what we’re calling Delicate Actions. 

Delicate Actions, now accessible in Preview, are centered on understanding IAM account, or consumer account, habits. They’re modifications made in a Google Cloud setting which can be safety related — and due to this fact essential to pay attention to and consider — as a result of they could be precursors to an assault, an effort to make different assaults doable, or a part of an effort to monetize a compromised account. They will shortly spotlight doubtlessly malicious actions which can be facilitated by authentication cookie theft, and are one other defense-in-depth mechanism that Google Cloud presents to assist deal with this assault vector. 

The Delicate Actions which can be detected at the moment will seem in two locations. They’re accessible in Safety Command Heart Premium, the first supply for safety and danger alerts in Google Cloud, as Observations from the Delicate Actions Service. They’re additionally accessible in Cloud Logging, the place we advocate that prospects combine them into their monitoring workflows. 

Delicate Actions embody the next record of motion names (mapped to the MITRE ATT&CK techniques that these actions could correspond to) and descriptions: 


Source link