Google Cloud customers now have a new level of security with the introduction of Active Defense, a partnership between Google Cloud and Acalvio. Regardless of their experience level, all Google Cloud customers prioritize security, and Active Defense ensures that this priority is met. With automated deception management and deployment capabilities, Active Defense provides customers with a simple onboarding experience.
Acalvio’s Active Defense platform, built on its award-winning autonomous deception technology, allows organizations to detect, engage, and respond to malicious activity in cloud and on-premises networks, as well as hybrid deployments. The platform achieves this by utilizing decoys of attackable systems or applications, false credentials, and tripwires to misdirect malicious actors. Any interaction with the deception platform generates a high-fidelity alert. Acalvio’s platform, built on Google Cloud, offers enterprise-scale distributed deception.
The Active Defense platform consists of two main components: the ShadowPlex service running on Google Cloud and the projection sensors deployed in customer workloads. The ShadowPlex service hosts deceptions and projects them across distributed and hybrid enterprise networks. On the other hand, sensors are lightweight components installed in the enterprise network, allowing for the projection of decoys from the ShadowPlex service. Additionally, the ShadowPlex service supports remote computers not directly connected to the enterprise network by utilizing a global sensor deployed in Google Cloud.
Google Cloud’s elasticity allows ShadowPlex to deploy thousands of deceptions across the customer’s network effectively. Acalvio’s patented Fluid Deception technology provides high decoy density and high interaction while maintaining strict containment, optimizing resource usage. ShadowPlex is tightly integrated with Google Cloud’s Security Command Center (SCC) to alert customers when deception incidents occur. Customers will also receive notifications in SCC to consider implementing Active Defense protection for any of their Google Cloud projects not covered by ShadowPlex.
Furthermore, ShadowPlex is integrated with Google Cloud’s Chronicle Security Operations, enabling customers to configure deception incidents to be sent to Chronicle and correlated with other alerts. Google Cloud offers additional services for internal operations, such as enriching deception incident data using VirusTotal, data management and processing with Google’s database services, and threat analysis on the GKE platform.
Acalvio’s deception-based Active Defense is available in the Google Cloud Marketplace. This partnership brings Active Defense to help customers detect and respond to the latest advanced threats with precision and speed. ShadowPlex service not only provides Active Defense to Google Cloud workloads but also extends security to customers’ on-premises infrastructure. This deployment and management of deception across on-premises networks is done from Google Cloud, bringing additional usage to the platform.
In conclusion, the partnership between Google Cloud and Acalvio brings enhanced security measures to Google Cloud customers. Active Defense, powered by Acalvio’s technology, allows for the detection and response to malicious activity. With the integration of ShadowPlex into Google Cloud’s services and infrastructure, customers can enjoy a seamless and comprehensive security solution for their workloads.