Google could have revealed a preview of Cloud Armor’s Adaptive protection — a machine-learning-powered method to detect and protect enterprise applications from Layer 7 DDoS attacks.
It is the same technology Google uses to offer Project Shield, a free service provided by Google parent Alphabet, that protects media and government organizations from DDoS attacks.
Google has in the past blocked massive DDoS attacks that were mind-blowingly high in scale, including one that was pinned on a Beijing-backed attacker in 2017.
SEE:Security Awareness and Training Policy(TechRepublic Premium).
Google’s Cloud Armor Adaptive Protection was unveiled in November as part of its DDoS defense service and web application firewall (WAF). It provides customers with the same technology Google uses for protection.
The Adaptive Protection technology employs machine-learning models to analyze signals between web services in order to detect potential attacks. It detects high-volume DDoS attacks on web services and apps.
All Google Cloud customers will be able to test its functionality by moving to a public preview.
“We have been working with external and internal design partners over the past few years to develop and mature this technology. All Cloud Armor customers are eligible to try it free of charge during the preview period,” Emil Kiner, a product manager at Google’s Cloud Armor.
Google Cloud has also released preconfigured WAF rules, and reference architecture, to assist customers in eliminating OWASP web app vulnerabilities.
Kiner explained that “Adaptive Protection quickly identifies traffic patterns suspicious and offers narrowly tailored, customized rules to mitigate ongoing attacks in close-real-time.”
He pointed out that Level 3 and Level 4 attacks could be stopped on Google’s edge network. However, Level 7 attacks rely upon legitimate and well-formed web requests.
SEE:Google’s cloud computing tool allows you to choose the most environmentally friendly data centers
These requests are automatically generated by hacked Windows, Mac, and Linux devices. They create a botnet that spews junk traffic at volumes that many websites cannot withstand.
Google stated that attacks can originate from millions of IPs. Manual triage and analysis is time- and resource-intensive and results in high-volume attacks on applications.
The Adaptive Protection service is aimed at security operation teams and provides alerts about strange requests based on how many backend services are being used, continuously updated signatures that describe a suspected attack, as well as recommended WAF rules to block attacks traffic.
Published on Wed, 21 July 2021 at 00:09.03 +0000