Google Cloud Unveils New Cloud Analytics Project for Improved Threat Detection

The Cloud Analytics project is a community-driven security analytics resource.

Edward Gately, Senior News Editor

August 1, 2022


Google Cloud on Monday announced the Cloud Analytics project by the MITRE Engenuity Center for Threat-Informed Defense. Google Cloud and several other industry collaborators are sponsoring it.

Since 2021, Google Cloud has partnered with the center to develop open-source security analytics. Earlier this year, it introduced Community Security Analytics (CSA) in collaboration with the center. CSA provides pre-built and customizable queries to help detect threats in workloads and to audit cloud usage. The Cloud Analytics project is designed to complement CSA.

The Cloud Analytics project includes a set of detection analytics for key tactics, techniques and procedures (TTPs), along with their adversary emulation plans implemented with the Caldera framework.

Both CSA and the Cloud Analytics project are community-driven security analytics resources.


Similar to CSA, Cloud Analytics can help lower the barrier for threat hunters and detection engineers to create cloud-specific security analytics.

Security analytics is complex because it requires knowledge of diverse security signals from different cloud providers along with their specific schemas. In addition, it requires familiarity with adversary behaviors in cloud environments.


Roy Arsan is cloud solutions architect at Google.

“Together, CSA and Cloud Analytics can help you maximize your coverage of the MITRE ATT&CK framework, while giving you the choice of detection language and analytics engine to use,” he said. “The Cloud Analytics project aims to make cloud-based threat detection development easier while also consolidating collective findings from real-world deployments. In order to scale the development of high-quality threat detections with minimum false positives, CSA and Cloud Analytics promote an agile development approach for building these analytics, where rules are expected to be continuously tuned and evaluated.”
