Google’s New Solution for Security Concerns in CI/CD Cycles

By Veritis

Google Launches Container Security

The tech-giant has launched a series of cloud updates for container security, in-memory data and artificial intelligence.

Following the instances of security issues in containerization and DevOps that left even companies like Tesla and Weight Watchers staggering, Google has come up with a solution that address the problem.

The new beta version of the Container Registry vulnerability scanning aims to obstruct the deployment of vulnerable images by auto-identifying security threats during Continuous Integration (CI) & Continuous Delivery (CD).

Firstly, all container images built using Google’s fully-managed CI/CD platform & Cloud Build will now be automatically scanned for OS package threats. Additionally, vulnerability scanning will be combined with Binary Authorization to ensure only trustworthy container images can be deployed, eliminating the need for manual intervention.

“When we set out to build vulnerability scanning for container images, we started from the premise that security needs to be built into CI/CD from the very beginning, to cut down on time spent remediating downstream security issues, and to reduce risk exposure,” Google said in its blog release announcing the launch of these cloud updates.

Automation to Enhance Security

Talking about automation, Google’s blog stated, “Security controls need to happen automatically, not as part of some manual, ad-hoc process. The system must be able to automatically block vulnerable images based on policies set by the DevSecOps team.”

Cloud Memorystore for Redis, usually available with the updates, is used to automate functions such as provisioning, scaling, failover and monitoring.

Countries including Tokyo, Singapore and the Netherlands will now have access to this service. This increases the count of Cloud Memorystore-service supported regions to eight.

Artificial Intelligence for Japan

Google opened its Machine Learning with TensorFlow on Google Cloud Platform specialization and Associate Cloud Engineer Certification to Japan. Additionally, a new Advanced Solutions Lab (ASL) will also be launched in Tokyo.

“In the coming months, the ASL will offer an immersive training experience so that Japanese businesses can learn directly from Google Cloud ML engineers in a classroom setting. With this training, businesses can build the skills they need to create and deploy Machine Learning at scale, using the full power of Google Cloud,” added Google

More Features from Google:

A new feature from the tech-giant powers enhanced-code research. Cloud Service Repositories improvised product is now available in beta and aims at private hosting, tracking and managing changes to large codebases on the Google Cloud Platform (GCP).

Document-indexing and retrieval techniques on Google Search are key to code search capabilities.

Google is now gearing up for its ‘Next World Tour’ and will be visiting London in October as part of its agenda!