APIs dominate the web, accounting for the majority of all internet traffic. And more AI means more APIs, because they act as an important mechanism to move data into and out of AI applications, AI agents, and large language models (LLMs). So how can you make sure all of these APIs are secure? In this session, we’ll take you through OWASP’s top 10 API and LLM security risks, and show you how to mitigate these risks using Google Cloud’s security portfolio, including Apigee, Model Armor, Cloud Armor, Google Security Operations, and Security Command Center.

This panel explores the potential of cloud technologies for operational technology (OT) and the critical need for proactive cybersecurity measures. The convergence of OT and IT, driven by cloud adoption, presents both opportunities and challenges. Panelists will examine the benefits of cloud-based OT, such as increased efficiency, scalability, data-driven insights, and resilience, along with the opportunity to build with security in mind.

Learn how to manage security controls and licenses for thousands of users, and tie it all together with APIs. We’ll show you ways to manage developer access more efficiently, build custom management integrations, and keep your CISO happy at the same time. We’ll also demo the new Gemini Code Assist integration with Apigee, which lets developers use Gemini Code Assist chat to generate context-aware OpenAPI specifications that reuse components from other APIs in their organization for efficiency and reference organizational security standards.

Learn how to leverage Google Cloud’s innovations to build the most secure and compliant solutions with Confidential Computing, offloads, and Assured Workload capabilities.

Test your incident response skills in the Security Tabletop Workshop, an exercise that simulates a realistic cyberattack to assess and improve an organization’s security posture. Tabletop exercises are a critical component of any cybersecurity strategy, helping your team reduce the impact of cyberattacks, evaluate response strategies, address gaps, foster collaboration, and clarify roles during a crisis.

Take part in the new SOC Experience – a view into real-world attack scenarios. Learn about the latest hacker tactics and how Google equips cybersecurity teams with the data, AI, and scalable analytics to detect and remediate attacks.

Experience what a real cyberattack is like in ThreatSpace, a digital training ground on Google Cloud. While the Mandiant red team tries to break into your system, the Mandiant incident response team guides you through the investigation. Use Google Security Operations and Threat Intelligence tools to uncover how the attackers got in and what they’ve done. Extra points if you can catch the bad guys!

Dive deep into how governance, security, and sharing are innately integrated in BigQuery to power data and AI use cases across your organization. Learn about new innovations that further enhance data governance, security, and collaboration across data and AI assets, without you having to leave BigQuery. Find out how data governance leaders at Walmart and Box are using BigQuery to securely scale data and AI across their organizations.

If you’re responsible for website security and looking to protect against automated bot attacks, account takeovers, authentication fraud, and you’re also looking to reduce the costs of SMS fraud, stolen credit cards, and other transaction fraud mechanisms, this session is for you. We’ll cover the most recent advancements in reCAPTCHA, explore use cases in several large deployments across different industry verticals, learn from an actual customer using reCAPTCHA to protect their website, and dive into the technical details with reCAPTCHA engineering.

Operational technology (OT) systems are the backbone of critical industries, yet they’re increasingly targeted by sophisticated adversaries. In this session, threat intelligence experts from Honeywell and Google explore the evolving OT threat landscape, highlighting real-world attack scenarios and future potential risks. Learn how advanced threat intelligence enables organizations to move from reactive to proactive defense strategies.

Many organizations are scrambling to adopt Aritificial Intelligence tools across their teams, and like any new technology rollout, they are encountering challenges- both expected and unexpected. CME Group recently rolled out Gemini Code Assist to one of their large software development organizations and are excited to share takeaways around people, process, and tools. The topics include: compliance and information security considerations, 
managing rollout and adoption: starting small and scaling, and how these tools can help reshape the workday of your teams. No matter where you are in your AI adoption journey, you're sure to learn something new!

Connect with other security professionals in our Birds of a Feather sessions. Dive into lively discussions with peers and Google Cloud experts on key security topics, including identity and access management, network security, multicloud monitoring, and more.

Take part in the new SOC Experience – a view into real-world attack scenarios. Learn about the latest hacker tactics and how Google equips cybersecurity teams with the data, AI, and scalable analytics to detect and remediate attacks.

Hear how the revolutionary strategies and cutting-edge technologies are transforming organizations to navigate an unpredictable cybersecurity landscape. Discover how emerging trends and innovative solutions are shaping the way we protect our digital assets. Learn more about the latest advancements in borderless IT, Zero Trust, multi-cloud environments, and AI-driven security. It’s an engaging and insightful journey into the latest in cybersecurity.

This Session is hosted by a Google Cloud Next Sponsor.
Visit your registration profile at g.co/cloudnext to opt out of sharing your contact information with the sponsor hosting this session.

This session explores building sensitive data protection directly into Retrieval-Augmented Generation (RAG) architectures. We'll demonstrate how to leverage Cloud Data Loss Prevention (Cloud DLP) and the Faker Library to anonymize sensitive data within the RAG pipeline. The session will cover techniques for reversible transformations using Memorystore and Firestore for data mapping, and discuss integrating these methods with Large Language Models (LLMs) like Gemini via LangChain and Vertex AI Search. Learn how to create secure and compliant AI solutions that protect sensitive data and adhere to regulations like the EU AI Act.

Google Threat Intelligence’s Capture the Flag game uses real-world data, including Cybersecurity & Infrastructure Security Agency (CISA) advisories, ransom notes, and information from the dark web, to simulate a threat hunt. Test your cybersecurity skills by navigating clues, analyzing evidence, and solving puzzles to capture the flags with Google Threat Intelligence.

Test your incident response skills in the Security Tabletop Workshop, an exercise that simulates a realistic cyberattack to assess and improve an organization’s security posture. Tabletop exercises are a critical component of any cybersecurity strategy, helping your team reduce the impact of cyberattacks, evaluate response strategies, address gaps, foster collaboration, and clarify roles during a crisis.

Go 1.24 unlocks the power of WebAssembly (Wasm) with new tooling for building high-performance edge applications. In this session, we’ll show you how to leverage the speed, security, and portability of Go to create low-latency Wasm modules that run on Google Cloud’s Service Extensions. We’ll also show you how Shopify uses Go and Service Extensions to move more application logic to the edge to reliably serve millions of customers.

Cloud environments can have hundreds or thousands of potential security issues. But which ones create the most risk? Security Command Center uses powerful virtual red team technology and a new security graph to continuously analyze your cloud resource configurations, software vulnerabilities, and identity and access policies – running at machine scale – to pinpoint the issues that could put your cloud workloads at risk.

Scams and phishing attacks are skyrocketing all around the world, and safeguarding your users and brand reputation requires proactive and intelligent solutions. In this session, we’ll delve into Google Cloud’s Web Risk, a powerful service that leverages AI and machine learning (ML) to protect users against unsafe websites. Learn how Web Risk scans over 10 billion URLs daily, identifying phishing sites, malware downloads, and other threats with over 99.99% accuracy.