Skip Navigation
Get a Demo
 

Red Canary coverage of Google Cloud Platform enters general availability

Red Canary directly ingests telemetry data from GCP Audit logs to perform deep investigations, identifying cloud threats others miss.

Download Datasheet

Following our multicloud launch in February, Red Canary is excited to announce that direct integration with Google Cloud Platform (GCP) Audit logs is now generally available. Now organizations running on GCP can receive 24×7 monitoring and comprehensive threat detection and remediation.

Whether you’ve just migrated to GCP or you’ve been deployed there for a while, you’ve likely recognized that the sheer amount of capabilities available to you make securing your cloud environment a challenge. From storing your data in Cloud Storage buckets, spinning up virtual machines in Compute Engine, or running containerized apps in Cloud Run and beyond, the amount of services you must have visibility and observability over greatly increases your attack surface. When assessing your own security teams, you have to ask yourself if you have the threat intelligence and knowledge of the type of cloud threats you might face, along with the ability to detect and stop them.

Let’s dive into the anatomy of an attack and how Red Canary helps you stay ahead of malicious actors out to breach your cloud.

The adversaries

Adversaries consistently look for ways to gain access to your GCP environment and then find ways to monetize that access. The majority of cloud threats begin with direct attacks on your users or by exploiting their mistakes.

MaliciousAccidental
Malicious:
  • Phishing / social engineering
  • Credential theft
  • Brute force attacks
  • Cloud token theft
Accidental:
  • Cloud policy or setting misconfiguration
  • Account and role permission misconfiguration
  • Unmanaged attack surface—unpatched vulnerabilities and risks

Whether these bad actors actively target your admin and user accounts or exploit accidental misconfigurations, noticing suspicious activity and identifying threats can still elude even the most experienced security experts.

Cloud-native threats are exploding

As noted in Red Canary’s recent 2024 Threat Detection Report, we saw a 16x increase in cloud threats detected over the past year. The prevalence and frequency of attacks on cloud environments continue to grow, posing a challenge for organizations as they migrate or expand their cloud footprint. Many organizations struggle to effectively monitor the activity within their expansive cloud environment as it’s difficult to analyze all of the log data to parse regular user activity from real indicators of compromise. They find they don’t have the time, necessary resources and manpower, or the expertise in-house to stay on top of all the data and confidently identify and respond to threats.

Introducing Red Canary MDR for Google Cloud Platform

After being in early access for the past two months, Red Canary is ready to make our direct integration with GCP generally available. Directly ingesting telemetry log data such as Admin Activity, Data Access, Policy Denied, and System Events from GCP Audit logs enables our security operations platform to perform behavioral analytics and empowers our security experts to conduct even deeper threat investigations within your GCP environment.

While GCP provides default detection rules with native alerting in their Security Command Center and the ability to create or tune your own detections, many organizations do not have the expertise or know how to take advantage of these capabilities. Besides, developing custom detections based on your own behavioral analytics is often out of reach for most organization.

Customers partnering with Red Canary get more comprehensive cloud coverage, securing your environment and allowing your team to focus on other important business initiatives. We identify threats that other security tools (including and especially native in-built detections) miss.

Here’s what this integration means for you:

  • Enhanced visibility: Red Canary taps into your GCP telemetry logs, giving you a deeper, holistic view of your cloud activity with added context and security insights.
  • Faster threat detection: We analyze all that data alongside other security signals, helping you pinpoint suspicious activity and detect threats quickly and accurately.
  • Deeper threat investigations: When we identify something suspicious, we perform targeted investigations to confirm or disprove threats while filtering out the noise.
  • Streamlined response: If a threat is confirmed, our team of threat hunting experts will work alongside your security team to contain and remediate the issue, minimizing damage and downtime.

By combining the power of GCP and Red Canary MDR, you can be confident that your cloud environment is under constant watch by a dedicated team of security experts ready to respond to any suspicious activity.

 

Teaming with Microsoft Copilot for Security

 

Introducing Red Canary’s multicloud launch

 

Red Canary brings MDR expertise to Microsoft Azure Cloud

 

Red Canary teams up with Wiz as its first certified MDR partner

Subscribe to our blog

 
 
Back to Top