eBPF has revolutionized Kubernetes networking. Cilium, the leading eBPF-based container networking interface (CNI), is now emerging as a standard on major cloud providers like Google Kubernetes Engine (GKE). It provides superior scalability, security, and observability compared to traditional CNIs. eBPF also powers Hubble for network & security insights and Tetragon for runtime security enforcement. Find out how to leverage these tools to get the most out of your GKE cluster.

Connect with other security professionals in our Birds of a Feather sessions. Dive into lively discussions with peers and Google Cloud experts on key security topics, including identity and access management, network security, multicloud monitoring, and more.

Meet with a Google Cloud Security expert to discuss your specific security needs and discover how our solutions can help. Plus, you can grab a complimentary copy of the “Defenders Advantage” book and a cup of coffee while you’re there.

Code assist tools are transforming software development, enhancing productivity with intelligent suggestions and automation. Yet they also pose challenges in ensuring code security, managing observability, and addressing risks from automation. Join experts from Google Cloud, Datadog, GitLab, Harness, and Snyk in a dynamic panel as they explore the potential of code assist tools and share strategies to mitigate risks, safeguard workflows, and maximize the impact of these tools in today’s fast-paced development landscape.

This talk explores a comprehensive key management strategy designed to safeguard your critical assets, now and in the future. We’ll focus on the foundation of modern key management, evolving cloud hardware security offerings, sovereign key management, and cloud key management. By combining the strengths of advanced hardware security module (HSM) technology, sovereign key management principles, and the flexibility of cloud environments, organizations can build a robust and future-proof security posture.

Mandiant has observed that organizations continue to lack visibility into cloud threats and fail to enable the logs required for effective incident detection and response. This session provides guidance for building a cloud logging and detection strategy, based on lessons learned from Mandiant’s incident response engagements. You’ll learn about incident case studies that show how cloud logging gaps can lead to undetected attacker activity and ineffective investigations.

Model Armor is designed to protect your organization’s AI applications from security and safety risks. In this session, we’ll explore how Model Armor acts as a crucial layer of defense, screening both prompts and responses to identify and mitigate threats such as prompt injections, sensitive data leakage, and offensive content. Whether you’re a developer looking to implement AI safety or a professional interested in better visibility into AI applications, Model Armor offers comprehensive yet flexible security across all of your large language model (LLM) applications.

Google Threat Intelligence’s Capture the Flag game uses real-world data, including Cybersecurity & Infrastructure Security Agency (CISA) advisories, ransom notes, and information from the dark web, to simulate a threat hunt. Test your cybersecurity skills by navigating clues, analyzing evidence, and solving puzzles to capture the flags with Google Threat Intelligence.

Unlocking insights often requires data collaboration between different organizations, which raises important questions about privacy and data security. Learn how Google and one of our customers use confidential computing solutions to apply new approaches to data security, isolation, and transparency – all through the use of Confidential Computing and Trusted Execution Environments (TEEs). TEEs can transform privacy obligations into real-world, technical solutions that enable businesses of all sizes to thrive while respecting people’s privacy.

Businesses and public sector organizations are transitioning away from legacy digital workplace solutions to enhance productivity and collaboration, optimize IT costs and workload, and better mitigate security and compliance risks with modern, secure-by-design architecture and controls. Join this session to discover how organizations of all sizes have transformed their organization’s collaboration and improved the security posture with Google Workspace and leading identity and device management solutions from Okta, Omnissa, and JumpCloud.

Join GXO's SVP of Data/AI/ML, Ramin Rastin, and Senior Director of Data, Americo, as they share their remarkable journey of implementing Generative AI and Vertex AI within their organization. Discover how GXO leveraged Google Cloud's cutting-edge technology to achieve significant scalability and efficiency gains, enhance business operations, and improve user experience. In this session, you'll learn how GXO: Scaled rapidly: Deployed 15-20 AI-powered assistants within the first six months of 2025, each reducing workloads by 40-60%. Enhanced flexibility: Developed a Generic Chat Assistant mid-project to adapt to evolving business needs. Improved accessibility: Created an intuitive user interface for all users, regardless of technical expertise. Centralized control: Implemented an Admin Page with role-based access control for enhanced security and governance.

Experience the future of AI with Google Cloud! Speak with customers who are building innovative AI solutions and learn directly from them. This experience offers a real-world look into "how we built it" discussions, giving you the chance to explore the possibilities. See detailed schedule of each timeblock here.

Enhance your team's Google SecOps proficiency with our hands-on lab. Learn to leverage the alert graph for streamlined triage, in-depth investigations, and optimized YARA-L rule modification. This workshop equips analysts with skills to efficiently manage alerts, improve detection accuracy, and strengthen your security posture. Drive operational efficiency and reduce response times. Ideal for security analysts seeking to maximize their Google SecOps expertise.

Architect and deploy secure cross-cloud networks with confidence. This session delivers expert guidance on designing and deploying Google Cloud’s Cross-Cloud Network security solutions to help protect against a wide range of network threats, including exploits, malware, DDoS, data exfiltration, and more. Discover best practices for configuring Cloud NGFW, Cloud Armor, and Secure Web Proxy (Cloud SWP) to address critical security concerns and build a resilient cloud infrastructure.

Building and maintaining detection rules is the cornerstone of any high-performing security operations function, but it’s often easier said than done. Join us for an in-depth exploration of detections in Google Security Operations (Google SecOps) and learn how it empowers detection teams to stay ahead of threats – from curated detections delivered out of the box by Google SecOps to address the latest threats, to building custom rules using entity graphs, AI, and the wealth of functions and context provided by Google SecOps.

Even cloud security experts can struggle with application and data compliance. Discover how Security Command Center is simplifying cloud compliance by bringing together configuration, monitoring, and evidence generation. Learn how a unified cloud compliance solution can make it easy to apply prebuilt and custom compliance frameworks, check compliance status with a centralized dashboard, and automatically generate audit reports to prove compliance.

As organizations increasingly adopt cloud technologies, threat actors have adapted their tactics to exploit vulnerabilities within cloud environments. This threat briefing explores the methods employed by malicious actors to compromise cloud services, including the exploitation of misconfigurations, weaknesses in identity and access management, and shared resources. Attendees will learn how the threat landscape is shifting and how to be more proactive by understanding how the tactics, techniques, and procedures are evolving.

The Defender’s Advantage model from Mandiant illustrates the cyber defense capabilities required to actively resist attacks and minimize the impact of a compromise. Partnering with UnitedHealth Group, we leveraged the Defender’s Advantage model to focus on continuous improvement, operationalize threat intelligence, reduce the attack surface, and implement a security validation program. We’ll share case studies and lessons learned about how we developed each of these programs to transform and enhance the organization’s cyber defense capabilities.

AI is revolutionizing observability. Learn about Cloud SQL AI-powered Database Insights and how it can help you optimize your queries and boost database performance. We’ll dive deep into the new Insights capabilities for MySQL, PostgreSQL, and SQL Server, including the Gemini-powered chat agent. Learn how to troubleshoot those tricky database performance issues and get practical tips to improve the performance of your applications.

Organizations are facing sophisticated and growing cyberthreats from commercially driven ransomware groups and state-sponsored adversaries that legacy productivity solutions struggle to defend against. Learn how Google’s multilayered approach – AI threat defenses, a reduced attack surface, and built-in security controls in Google Workspace, Chrome Enterprise, and ChromeOS – can effectively combat the most prevalent cyberthreats and block malicious actors from gaining access to your data and disrupting your business.