APIs dominate the web, accounting for the majority of all internet traffic. And more AI means more APIs, because they act as an important mechanism to move data into and out of AI applications, AI agents, and large language models (LLMs). So how can you make sure all of these APIs are secure? In this session, we’ll take you through OWASP’s top 10 API and LLM security risks, and show you how to mitigate these risks using Google Cloud’s security portfolio, including Apigee, Model Armor, Cloud Armor, Google Security Operations, and Security Command Center.

This panel explores the potential of cloud technologies for operational technology (OT) and the critical need for proactive cybersecurity measures. The convergence of OT and IT, driven by cloud adoption, presents both opportunities and challenges. Panelists will examine the benefits of cloud-based OT, such as increased efficiency, scalability, data-driven insights, and resilience, along with the opportunity to build with security in mind.

Learn how to manage security controls and licenses for thousands of users, and tie it all together with APIs. We’ll show you ways to manage developer access more efficiently, build custom management integrations, and keep your CISO happy at the same time. We’ll also demo the new Gemini Code Assist integration with Apigee, which lets developers use Gemini Code Assist chat to generate context-aware OpenAPI specifications that reuse components from other APIs in their organization for efficiency and reference organizational security standards.

Learn how to leverage Google Cloud’s innovations to build the most secure and compliant solutions with Confidential Computing, offloads, and Assured Workload capabilities.

Test your incident response skills in the Security Tabletop Workshop, an exercise that simulates a realistic cyberattack to assess and improve an organization’s security posture. Tabletop exercises are a critical component of any cybersecurity strategy, helping your team reduce the impact of cyberattacks, evaluate response strategies, address gaps, foster collaboration, and clarify roles during a crisis.

Experience what a real cyberattack is like in ThreatSpace, a digital training ground on Google Cloud. While the Mandiant red team tries to break into your system, the Mandiant incident response team guides you through the investigation. Use Google Security Operations and Threat Intelligence tools to uncover how the attackers got in and what they’ve done. Extra points if you can catch the bad guys!

Dive deep into how governance, security, and sharing are innately integrated in BigQuery to power data and AI use cases across your organization. Learn about new innovations that further enhance data governance, security, and collaboration across data and AI assets, without you having to leave BigQuery. Find out how data governance leaders at Walmart and Box are using BigQuery to securely scale data and AI across their organizations.

If you’re responsible for website security and looking to protect against automated bot attacks, account takeovers, authentication fraud, and you’re also looking to reduce the costs of SMS fraud, stolen credit cards, and other transaction fraud mechanisms, this session is for you. We’ll cover the most recent advancements in reCAPTCHA, explore use cases in several large deployments across different industry verticals, learn from an actual customer using reCAPTCHA to protect their website, and dive into the technical details with reCAPTCHA engineering.

Many organizations are scrambling to adopt Aritificial Intelligence tools across their teams, and like any new technology rollout, they are encountering challenges- both expected and unexpected. CME Group recently rolled out Gemini Code Assist to one of their large software development organizations and are excited to share takeaways around people, process, and tools. The topics include: compliance and information security considerations, 
managing rollout and adoption: starting small and scaling, and how these tools can help reshape the workday of your teams. No matter where you are in your AI adoption journey, you're sure to learn something new!

Connect with other security professionals in our Birds of a Feather sessions. Dive into lively discussions with peers and Google Cloud experts on key security topics, including identity and access management, network security, multicloud monitoring, and more.

Hear how the revolutionary strategies and cutting-edge technologies are transforming organizations to navigate an unpredictable cybersecurity landscape. Discover how emerging trends and innovative solutions are shaping the way we protect our digital assets. Learn more about the latest advancements in borderless IT, Zero Trust, multi-cloud environments, and AI-driven security. It’s an engaging and insightful journey into the latest in cybersecurity.

This Session is hosted by a Google Cloud Next Sponsor.
Visit your registration profile at g.co/cloudnext to opt out of sharing your contact information with the sponsor hosting this session.

Google Threat Intelligence’s Capture the Flag game uses real-world data, including Cybersecurity & Infrastructure Security Agency (CISA) advisories, ransom notes, and information from the dark web, to simulate a threat hunt. Test your cybersecurity skills by navigating clues, analyzing evidence, and solving puzzles to capture the flags with Google Threat Intelligence.

Test your incident response skills in the Security Tabletop Workshop, an exercise that simulates a realistic cyberattack to assess and improve an organization’s security posture. Tabletop exercises are a critical component of any cybersecurity strategy, helping your team reduce the impact of cyberattacks, evaluate response strategies, address gaps, foster collaboration, and clarify roles during a crisis.

Go 1.24 unlocks the power of WebAssembly (Wasm) with new tooling for building high-performance edge applications. In this session, we’ll show you how to leverage the speed, security, and portability of Go to create low-latency Wasm modules that run on Google Cloud’s Service Extensions. We’ll also show you how Shopify uses Go and Service Extensions to move more application logic to the edge to reliably serve millions of customers.

Cloud environments can have hundreds or thousands of potential security issues. But which ones create the most risk? Security Command Center uses powerful virtual red team technology and a new security graph to continuously analyze your cloud resource configurations, software vulnerabilities, and identity and access policies – running at machine scale – to pinpoint the issues that could put your cloud workloads at risk.

Organizations with strict data residency requirements often struggle to leverage AI and the latest in cloud innovations on-premises. Learn how to architect gen AI optimized applications for success using LLMs, cloud infrastructure, and data on-premises without compromising on data sovereignty, security, or latency in this technical deep dive session.

Get a guided, hands-on experience with Google Cloud’s flagship cloud security solution. Learn how to detect cloud misconfigurations, find active threats, and use Security Command Center’s virtual red teaming to identify high-risk toxic combinations and attack paths that expose high-value cloud resources. Then see how to take action on security issues with built-in response capabilities. Learn why Security Command Center is the best security solution for Google Cloud environments.

Experience what a real cyberattack is like in ThreatSpace, a digital training ground on Google Cloud. While the Mandiant red team tries to break into your system, the Mandiant incident response team guides you through the investigation. Use Google Security Operations and Threat Intelligence tools to uncover how the attackers got in and what they’ve done. Extra points if you can catch the bad guys!

Get equipped with the knowledge and resources to effectively position Google Cloud Security offerings within the market and build a thriving service-oriented business. Learn how to leverage Google Cloud's cutting-edge security solutions that seamlessly integrate with Google Cloud Platform (GCP) and Google Cloud Workspace (GWS) to differentiate your offerings and win in the market. Walk away with a clear understanding of the latest trends in security, strategies for building a thriving pratice.

eBPF has revolutionized Kubernetes networking. Cilium, the leading eBPF-based container networking interface (CNI), is now emerging as a standard on major cloud providers like Google Kubernetes Engine (GKE). It provides superior scalability, security, and observability compared to traditional CNIs. eBPF also powers Hubble for network & security insights and Tetragon for runtime security enforcement. Find out how to leverage these tools to get the most out of your GKE cluster.

Connect with other security professionals in our Birds of a Feather sessions. Dive into lively discussions with peers and Google Cloud experts on key security topics, including identity and access management, network security, multicloud monitoring, and more.

Meet with a Google Cloud Security expert to discuss your specific security needs and discover how our solutions can help. Plus, you can grab a complimentary copy of the “Defenders Advantage” book and a cup of coffee while you’re there.

Code assist tools are transforming software development, enhancing productivity with intelligent suggestions and automation. Yet they also pose challenges in ensuring code security, managing observability, and addressing risks from automation. Join experts from Google Cloud, Datadog, GitLab, Harness, and Snyk in a dynamic panel as they explore the potential of code assist tools and share strategies to mitigate risks, safeguard workflows, and maximize the impact of these tools in today’s fast-paced development landscape.

This talk explores a comprehensive key management strategy designed to safeguard your critical assets, now and in the future. We’ll focus on the foundation of modern key management, evolving cloud hardware security offerings, sovereign key management, and cloud key management. By combining the strengths of advanced hardware security module (HSM) technology, sovereign key management principles, and the flexibility of cloud environments, organizations can build a robust and future-proof security posture.

Model Armor is designed to protect your organization’s AI applications from security and safety risks. In this session, we’ll explore how Model Armor acts as a crucial layer of defense, screening both prompts and responses to identify and mitigate threats such as prompt injections, sensitive data leakage, and offensive content. Whether you’re a developer looking to implement AI safety or a professional interested in better visibility into AI applications, Model Armor offers comprehensive yet flexible security across all of your large language model (LLM) applications.