APIs dominate the web, accounting for the majority of all internet traffic. And more AI means more APIs, because they act as an important mechanism to move data into and out of AI applications, AI agents, and large language models (LLMs). So how can you make sure all of these APIs are secure? In this session, we’ll take you through OWASP’s top 10 API and LLM security risks, and show you how to mitigate these risks using Google Cloud’s security portfolio, including Apigee, Model Armor, Cloud Armor, Google Security Operations, and Security Command Center.

This panel explores the potential of cloud technologies for operational technology (OT) and the critical need for proactive cybersecurity measures. The convergence of OT and IT, driven by cloud adoption, presents both opportunities and challenges. Panelists will examine the benefits of cloud-based OT, such as increased efficiency, scalability, data-driven insights, and resilience, along with the opportunity to build with security in mind.

Learn how to manage security controls and licenses for thousands of users, and tie it all together with APIs. We’ll show you ways to manage developer access more efficiently, build custom management integrations, and keep your CISO happy at the same time. We’ll also demo the new Gemini Code Assist integration with Apigee, which lets developers use Gemini Code Assist chat to generate context-aware OpenAPI specifications that reuse components from other APIs in their organization for efficiency and reference organizational security standards.

Learn how to leverage Google Cloud’s innovations to build the most secure and compliant solutions with Confidential Computing, offloads, and Assured Workload capabilities.

Test your incident response skills in the Security Tabletop Workshop, an exercise that simulates a realistic cyberattack to assess and improve an organization’s security posture. Tabletop exercises are a critical component of any cybersecurity strategy, helping your team reduce the impact of cyberattacks, evaluate response strategies, address gaps, foster collaboration, and clarify roles during a crisis.

Take part in the new SOC Experience – a view into real-world attack scenarios. Learn about the latest hacker tactics and how Google equips cybersecurity teams with the data, AI, and scalable analytics to detect and remediate attacks.

Experience what a real cyberattack is like in ThreatSpace, a digital training ground on Google Cloud. While the Mandiant red team tries to break into your system, the Mandiant incident response team guides you through the investigation. Use Google Security Operations and Threat Intelligence tools to uncover how the attackers got in and what they’ve done. Extra points if you can catch the bad guys!

Dive deep into how governance, security, and sharing are innately integrated in BigQuery to power data and AI use cases across your organization. Learn about new innovations that further enhance data governance, security, and collaboration across data and AI assets, without you having to leave BigQuery. Find out how data governance leaders at Walmart and Box are using BigQuery to securely scale data and AI across their organizations.

If you’re responsible for website security and looking to protect against automated bot attacks, account takeovers, authentication fraud, and you’re also looking to reduce the costs of SMS fraud, stolen credit cards, and other transaction fraud mechanisms, this session is for you. We’ll cover the most recent advancements in reCAPTCHA, explore use cases in several large deployments across different industry verticals, learn from an actual customer using reCAPTCHA to protect their website, and dive into the technical details with reCAPTCHA engineering.

Operational technology (OT) systems are the backbone of critical industries, yet they’re increasingly targeted by sophisticated adversaries. In this session, threat intelligence experts from Honeywell and Google explore the evolving OT threat landscape, highlighting real-world attack scenarios and future potential risks. Learn how advanced threat intelligence enables organizations to move from reactive to proactive defense strategies.

Connect with other security professionals in our Birds of a Feather sessions. Dive into lively discussions with peers and Google Cloud experts on key security topics, including identity and access management, network security, multicloud monitoring, and more.

Take part in the new SOC Experience – a view into real-world attack scenarios. Learn about the latest hacker tactics and how Google equips cybersecurity teams with the data, AI, and scalable analytics to detect and remediate attacks.

Hear how the revolutionary strategies and cutting-edge technologies are transforming organizations to navigate an unpredictable cybersecurity landscape. Discover how emerging trends and innovative solutions are shaping the way we protect our digital assets. Learn more about the latest advancements in borderless IT, Zero Trust, multi-cloud environments, and AI-driven security. It’s an engaging and insightful journey into the latest in cybersecurity.

This Session is hosted by a Google Cloud Next Sponsor.
Visit your registration profile at g.co/cloudnext to opt out of sharing your contact information with the sponsor hosting this session.

This session explores building sensitive data protection directly into Retrieval-Augmented Generation (RAG) architectures. We'll demonstrate how to leverage Cloud Data Loss Prevention (Cloud DLP) and the Faker Library to anonymize sensitive data within the RAG pipeline. The session will cover techniques for reversible transformations using Memorystore and Firestore for data mapping, and discuss integrating these methods with Large Language Models (LLMs) like Gemini via LangChain and Vertex AI Search. Learn how to create secure and compliant AI solutions that protect sensitive data and adhere to regulations like the EU AI Act.

Google Threat Intelligence’s Capture the Flag game uses real-world data, including Cybersecurity & Infrastructure Security Agency (CISA) advisories, ransom notes, and information from the dark web, to simulate a threat hunt. Test your cybersecurity skills by navigating clues, analyzing evidence, and solving puzzles to capture the flags with Google Threat Intelligence.

Test your incident response skills in the Security Tabletop Workshop, an exercise that simulates a realistic cyberattack to assess and improve an organization’s security posture. Tabletop exercises are a critical component of any cybersecurity strategy, helping your team reduce the impact of cyberattacks, evaluate response strategies, address gaps, foster collaboration, and clarify roles during a crisis.

Cloud environments can have hundreds or thousands of potential security issues. But which ones create the most risk? Security Command Center uses powerful virtual red team technology and a new security graph to continuously analyze your cloud resource configurations, software vulnerabilities, and identity and access policies – running at machine scale – to pinpoint the issues that could put your cloud workloads at risk.

Scams and phishing attacks are skyrocketing all around the world, and safeguarding your users and brand reputation requires proactive and intelligent solutions. In this session, we’ll delve into Google Cloud’s Web Risk, a powerful service that leverages AI and machine learning (ML) to protect users against unsafe websites. Learn how Web Risk scans over 10 billion URLs daily, identifying phishing sites, malware downloads, and other threats with over 99.99% accuracy.

Get a guided, hands-on experience with Google Cloud’s flagship cloud security solution. Learn how to detect cloud misconfigurations, find active threats, and use Security Command Center’s virtual red teaming to identify high-risk toxic combinations and attack paths that expose high-value cloud resources. Then see how to take action on security issues with built-in response capabilities. Learn why Security Command Center is the best security solution for Google Cloud environments.

Experience what a real cyberattack is like in ThreatSpace, a digital training ground on Google Cloud. While the Mandiant red team tries to break into your system, the Mandiant incident response team guides you through the investigation. Use Google Security Operations and Threat Intelligence tools to uncover how the attackers got in and what they’ve done. Extra points if you can catch the bad guys!

eBPF has revolutionized Kubernetes networking. Cilium, the leading eBPF-based container networking interface (CNI), is now emerging as a standard on major cloud providers like Google Kubernetes Engine (GKE). It provides superior scalability, security, and observability compared to traditional CNIs. eBPF also powers Hubble for network & security insights and Tetragon for runtime security enforcement. Find out how to leverage these tools to get the most out of your GKE cluster.

Connect with other security professionals in our Birds of a Feather sessions. Dive into lively discussions with peers and Google Cloud experts on key security topics, including identity and access management, network security, multicloud monitoring, and more.

Meet with a Google Cloud Security expert to discuss your specific security needs and discover how our solutions can help. Plus, you can grab a complimentary copy of the “Defenders Advantage” book and a cup of coffee while you’re there.

Code assist tools are transforming software development, enhancing productivity with intelligent suggestions and automation. Yet they also pose challenges in ensuring code security, managing observability, and addressing risks from automation. Join experts from Google Cloud, Datadog, GitLab, Harness, and Snyk in a dynamic panel as they explore the potential of code assist tools and share strategies to mitigate risks, safeguard workflows, and maximize the impact of these tools in today’s fast-paced development landscape.

This talk explores a comprehensive key management strategy designed to safeguard your critical assets, now and in the future. We’ll focus on the foundation of modern key management, evolving cloud hardware security offerings, sovereign key management, and cloud key management. By combining the strengths of advanced hardware security module (HSM) technology, sovereign key management principles, and the flexibility of cloud environments, organizations can build a robust and future-proof security posture.