Google Cloud offers a reliable open source service as well as a new zero-trust program for businesses

Google Cloud offers a reliable open source service as well as a new zero-trust program for businesse ...

Sunil Potti, the founder of Google Cloud''s Cloud Security, unveils the next steps on its Invisible Security journey, which aim to assist businesses in securing their software supply chain and entail the adoption of zero trust architectures.

Potti has announced that Google Cloud is developing a new software called the Assured Open Source Software service, which allows companies and public sector organizations to see what OSS packages Google approves and uses in their own developer workflows.

These packages are regularly inspected for vulnerabilities and tested by Google to verify that they are secure for businesses to use.

Securing the open source supply chain

The release of this new open source service comes shortly after Google participated in the White House Summit on Open Source Security, alongside OpenSSF, and the Linux Foundation to sway out threats in open source software. Microsoft, Google, Intel, Ericsson, Amazon, and VMware have pledged $30 million collectively to increase the security of open source software.

Google''s assistance in obtaining open source software comes as a proof that traditional approaches to eliminating flaws in the software supply chain have proved ineffective.

According to Potti''s announcement blog post, patching security vulnerabilities in open source software often feels like a high-stakes challenge: fix one, and two additional pop up. This helps explain research that shows a 650% year-over-year increase in cyberattacks aimed at open source software (OSS).

The purpose of the new solution is to help organizations reduce some of the complexity associated with managing open source vulnerabilities by providing them with an external source they may contact.

Potti said: "Assured OSS helps organizations reduce the need to develop, maintain, and operate a complex process for securely managing their open source dependencies."

Advancing zero-trust access

BeyondCorp Enterprise Essentials, Google''s new zero trust access service, was made a significant announcement during the summit, which was intended to assist organizations take the first step on their zerotrust journey.

BeyondCorp Enterprise Essentials is expected to launch in Q3 of 2022 and will provide context-aware application access controls for SAML along with security features such as data loss prevention, malware, phishing protection, and URL filtering integrated in the Chrome browser.

Administrators may also monitor users through the Chrome dashboard, which allows them to ensure that users in BYOD, remote, or hybrid working environments are at danger.

Google Clouds is collaborating to increase zero trust access as more companies implement it, with research showing that 78% of businesses believe zero trust has increased in priority, and nearly 90% are working on a zero trust program.

You may also like: