Read the original article: Expanding our work with the open source security community Posted by Eduardo Vela, Vulnerability Collector, Google At Google, we’ve always believed in the benefits and importance of using open source technologies to innovate. We enjoy being…
Category: Google Online Security Blog
Enhanced Safe Browsing Protection now available in Chrome
Read the original article: Enhanced Safe Browsing Protection now available in Chrome Posted by Nathan Parker, Varun Khaneja, Eric Mill and Kiran C Nair – Chrome Safe Browsing team Over the past few years we’ve seen threats on the web…
Enhanced Safe Browsing Protection now available in Chrome
Read the original article: Enhanced Safe Browsing Protection now available in Chrome Posted by Nathan Parker, Varun Khaneja, Eric Mill and Kiran C Nair – Chrome Safe Browsing team Over the past few years we’ve seen threats on the web…
Introducing portability of Google Authenticator 2SV codes across Android devices
Read the original article: Introducing portability of Google Authenticator 2SV codes across Android devices Posted by Dongjing He, Software Engineer; Teddy Katz, Software Engineer; Christiaan Brand, Product ManagerToday is World Password Day, and we found it fitting to release an…
Research Grants to support Google VRP Bug Hunters during COVID-19
Read the original article: Research Grants to support Google VRP Bug Hunters during COVID-19 Posted by Anna Hupa, Senior Strategist, Trust & Safety at Google In 2015, we launched our Vulnerability Research Grant program, which allows us to recognize the…
Research Grants to support Google VRP Bug Hunters during COVID-19
Read the original article: Research Grants to support Google VRP Bug Hunters during COVID-19 Posted by Anna Hupa, Senior Strategist, Trust & Safety at Google In 2015, we launched our Vulnerability Research Grant program, which allows us to recognize the…
Research Grants to support Google VRP Bug Hunters during COVID-19
Read the original article: Research Grants to support Google VRP Bug Hunters during COVID-19 Posted by Anna Hupa, Senior Strategist, Trust & Safety at Google Advertise on IT Security News. Read the original article: Research Grants to support Google…
Introducing our new book “Building Secure and Reliable Systems”
Posted by Royal Hansen, VP of Security Engineering, GoogleFor years, I’ve wished that someone would write a book like this. Since their publication, I’ve often admired and recommended the Google Site Reliability Engineering (SRE) books—so I was thrilled to find…
Introducing our new book “Building Secure and Reliable Systems”
Posted by Royal Hansen, VP of Security Engineering, GoogleFor years, I’ve wished that someone would write a book like this. Since their publication, I’ve often admired and recommended the Google Site Reliability Engineering (SRE) books—so I was thrilled to find…
Announcing our first GCP VRP Prize winner and updates to 2020 program
Posted by Harshvardan Sharma, Information Security Engineer, Google Last year, we announced a yearly Google Cloud Platform (GCP) VRP Prize to promote security research of GCP. Since then, we’ve received many interesting entries as part of this new initiative from…
Announcing our first GCP VRP Prize winner and updates to 2020 program
Posted by Harshvardan Sharma, Information Security Engineer, Google Last year, we announced a yearly Google Cloud Platform (GCP) VRP Prize to promote security research of GCP. Since then, we’ve received many interesting entries as part of this new initiative from…
How Google Play Protect kept users safe in 2019
Posted by Rahul Mishra, Program Manager, Android Security and Privacy Team Through 2019, Google Play Protect continued to improve the security for 2.5 billion Android devices. Built into Android, Play Protect scans over 100 billion apps every day for malware…
How Google does certificate lifecycle management
Posted by Siddharth Bhai and Ryan Hurst, Product Managers, Google Cloud Over the last few years, we’ve seen the use of Transport Layer Security (TLS) on the web increase to more than 96% of all traffic seen by a Chrome browser…
FuzzBench: Fuzzer Benchmarking as a Service
Posted by Jonathan Metzman, Abhishek Arya, Google OSS-Fuzz Team and László Szekeres, Google Software Analysis TeamWe are excited to launch FuzzBench, a fully automated, open source, free service for evaluating fuzzers. The goal of FuzzBench is to make it painless…
FuzzBench: Fuzzer Benchmarking as a Service
Posted by Jonathan Metzman, Abhishek Arya, Google OSS-Fuzz Team and László Szekeres, Google Software Analysis TeamWe are excited to launch FuzzBench, a fully automated, open source, free service for evaluating fuzzers. The goal of FuzzBench is to make it painless…
Helping Developers with Permission Requests
Posted by Sai Teja Peddinti, Nina Taft and Igor Bilogrevic from PDPO Applied Privacy Research, and Pauline Anthonysamy from Android Security and Privacy. User trust is critical to the success of developers of every size. On the Google Play Store,…
Data Encryption on Android with Jetpack Security
Data Encryption on Android with Jetpack Security Advertise on IT Security News. Read the complete article: Data Encryption on Android with Jetpack Security
Improving Malicious Document Detection in Gmail with Deep Learning
Posted by Elie Bursztein, Security & Anti-Abuse Research Lead; David Tao, Software Engineer; Neil Kumaran, Product Manager, Gmail Security Gmail protects your incoming mail against spam, phishing attempts, and malware. Our existing machine learning models are highly effective at doing…
Disruptive ads enforcement and our new approach
Posted by Per Bjorke, Senior Product Manager, Ad Traffic QualityAs part of our ongoing efforts — along with help from newly developed technologies — today we’re announcing nearly 600 apps have been removed from the Google Play Store and banned…
Titan Security Keys – now available in Austria, Canada, France, Germany, Italy, Japan, Spain, Switzerland, and the UK
Posted by Christiaan Brand, Product Manager, Google Cloud Security keys provide the strongest protection against phishing attacks. That’s why they are an important feature of the Advanced Protection Program that provides Google’s strongest account protections for users that consider themselves…
How we fought bad apps and malicious developers in 2019
Posted by Andrew Ahn, Product Manager, Google Play + Android App Safety [Cross-posted from the Android Developers Blog] Google Play connects users with great digital experiences to help them be more productive and entertained, as well as providing app developers…
Protecting users from insecure downloads in Google Chrome
Posted by Joe DeBlasio, Chrome security team Today we’re announcing that Chrome will gradually ensure that secure (HTTPS) pages only download secure files. In a series of steps outlined below, we’ll start blocking “mixed content downloads” (non-HTTPS downloads started on…
Say hello to OpenSK: a fully open-source security key implementation
Posted by Elie Bursztein, Security & Anti-abuse Research Lead, and Jean-Michel Picod, Software Engineer, Google Today, FIDO security keys are reshaping the way online accounts are protected by providing an easy, phishing-resistant form of two-factor authentication (2FA) that is trusted…
Vulnerability Reward Program: 2019 Year in Review
Posted by Natasha Pabrai, Jan Keller, Jessica Lin, Anna Hupa, and Adam Bacchus, Vulnerability Reward Programs at Google Our Vulnerability Reward Programs were created to reward researchers for protecting users by telling us about the security bugs they find. Their…
Have an iPhone? Use it to protect your Google Account with the Advanced Protection Program
Posted by Christiaan Brand, Product Manager, Google Cloud and Kaiyu Yan, Software Engineer, GooglePhishing—when an online attacker tries to trick you into giving them your username and password—is one of the most common causes of account compromises. We recently partnered…
Securing open-source: how Google supports the new Kubernetes bug bounty
Posted by Maya Kaczorowski, Product Manager, Container Security and Aaron Small, Product Manager, GKE On-Prem Security At Google, we care deeply about the security of open-source projects, as they’re such a critical part of our infrastructure—and indeed everyone’s. Today, the…
Have an iPhone? Use it to protect your Google Account with the Advanced Protection Program
Posted by Christiaan Brand, Product Manager, Google Cloud and Kaiyu Yan, Software Engineer, GooglePhishing—when an online attacker tries to trick you into giving them your username and password—is one of the most common causes of account compromises. We recently partnered…
Securing open-source: how Google supports the new Kubernetes bug bounty
Posted by Maya Kaczorowski, Product Manager, Container Security and Aaron Small, Product Manager, GKE On-Prem Security At Google, we care deeply about the security of open-source projects, as they’re such a critical part of our infrastructure—and indeed everyone’s. Today, the…
PHA Family Highlights: Bread (and Friends)
PHA Family Highlights: Bread (and Friends) Advertise on IT Security News. Read the complete article: PHA Family Highlights: Bread (and Friends)