The cloud is now home to their most critical applications and data. Adversaries have picked up on this ongoing shift, too: APT groups known for regularly targeting corporate and government organizations are increasingly focused on attacking cloud infrastructure.

The current generation of cloud-native application protection platforms (CNAPPs) have helped reduce the number of point products used for multicloud security. However, they often remain stubbornly disconnected from broader security operations capabilities, where best-in-class solutions provide comprehensive visibility into risks and threats, and place just as much attention on efficient remediation of those risks.

To help our customers manage and mitigate risk in their multicloud environments, the industry’s first cloud risk management solution that fuses proactive cloud security and enterprise security operations — supercharged by Mandiant expertise.

Built on our Cloud security fabric, Security Command Center Enterprise can help to break down the silos of tools, teams, and data that separate cloud security and enterprise security operations. It prioritizes cloud risk management by integrating the critical response capabilities of modern SecOps with threat intelligence from Mandiant, so organizations can identify high-risk issues and drive accountability for keeping their multicloud environments safe.

Security Command Center Enterprise is powered by Google’s security fabric, which incorporates a planet-scale data lake that ingests and analyzes the volume of cloud data needed to build dynamic security graphs and to understand the complex relationships in multicloud environments. It integrates threat intelligence from Mandiant to automatically help identify and defend against new and novel attacks.

Generative AI has also been integrated to simplify the cloud security lifecycle for experts and less-experienced users alike, from initial identification and understanding of complex security issues, through investigation and guided remediation.

Integral to our security fabric is a continuous risk engine that constructs a digital twin model of the cloud environment, developing an in-depth understanding of complex cloud relationships. It then plays the role of a sophisticated and motivated attacker to predict where an attacker could strike, what cloud resources would be exposed, and the possible blast radius of a successful attack.

Easy-to-interpret attack path visualizations and detailed risk scoring give reactive security teams the proactive insight they need to stay ahead of adversaries. Additionally, the dynamic discovery of toxic combinations that lead to high-risk exposures, specific to each cloud environment, is a material step beyond the use of basic fixed rules that treat all clouds the same.