Thomas Kurian, chief executive officer of Google Cloud, at the company's campus in Sunnyvale, California, U.S., on Monday, July 12, 2021. Under Kurian's supervision, Google Cloud's revenue has more than doubled and is growing at a quicker pace than that of its parent company, Alphabet Inc. Photographer: Cayce Clifford/Bloomberg via Getty Images
Photo: Cayce Clifford/Bloomberg via Getty Images

Google wants to be the 'full-service' security cloud

Protocol Enterprise

Hello and welcome to Protocol Enterprise! Today: What Google plans to do with its $5.4 billion purchase of Mandiant, a troubling new Linux vulnerability surfaces and using light bulbs as WiFi routers.


Spin up

What does it take to get a cloud startup off the ground these days? The new Microsoft for Startup Founders Hub will dole out up to $150,000 in Azure credits to new startups, depending on their stage of growth.


Google’s mandate for Mandiant

Google’s proposed $5.4 billion acquisition of Mandiant will help boost Google Cloud’s security posture as it pushes for more enterprise customers amid an increasingly challenging environment.

Mandiant, which sells an extended detection and response SaaS platform called Mandiant Advantage, will fill gaps in Google Cloud’s security technology stack that aren’t covered by its own first-party products. Those currently include Google Cloud Armor, its network security service that provides defenses against DDoS and application attacks; Chronicle, its security analytics platform; and BeyondCorp Enterprise, its zero-trust identity and security platform.

  • “The critical piece for [Google Cloud] is really being able to get closer to feeling like a full-service entity across the whole broad landscape of security tech,” said Miles Ward, chief technology officer for SADA, a business and technology consultancy, in an interview after Google’s announcement.
  • “Security now is not one category, it's like 20. Google has built some great individual products and bought a couple of others, but Mandiant is just much more full-service. It has a real breadth from across different parts of the technology stack,” he said.
  • “It lets a Google seller and partners like us approach a customer and be able to say that you can get everything that you need effectively from Google at this point.”

Mandiant CEO Kevin Mandia will join Google Cloud in an unspecified role. The company currently has 2,200 employees, including 600 consultants and 300 intelligence analysts who respond to security breaches.

  • Cloud computing providers have been doubling down on their security efforts in the wake of mounting and evolving cyberattacks, such as the recent Log4j exploit, ransomware demands, the SolarWinds hack by suspected Russian intelligence attackers and the attacks on Microsoft’s on-premises Exchange Server platform pinned to Chinese nation-state hackers.
  • Cyber threat activity by alleged state-sponsored Russian organizations has also been increasing during Russia’s ongoing invasion of Ukraine.
  • The Mandiant acquisition will bolster Google Cloud’s defense in the race with competitors AWS and Microsoft. Bloomberg reported last month that Microsoft had also been pursuing Mandiant.

“This deal is all about Mandiant being further integrated into Google Cloud with more cyber threats facing enterprises/governments on the transformational shift to cloud and Mandiant establishing itself as ‘the Navy Seals of cyber security’ over the last decade,” Wedbush Securities analyst Dan Ives wrote in a research note today.

  • The deal follows Google’s January purchase of Israeli cybersecurity startup Siemplify, a security orchestration, automation and response provider, for a reported $500 million.
  • Google Cloud has boasted that one of its selling points is infrastructure designed from the start with built-in security based on so-called zero-trust principles, rather than security that’s “bolted on,” with its own security chips on its servers and data encrypted by default at rest and in transit.

Mandiant’s deal with Google is expected to have a major ripple effect across the cybersecurity space as AWS and Microsoft will now be pressured into mergers and acquisition to further bolster their cloud platforms, according to Ives.

  • He cited CyberArk, Ping, Qualys, Rapid7, SailPoint, Tenable and Varonis as possible targets given their focus on cloud workload protection.
  • “In a massive growth backdrop for cybersecurity and further tailwinds seen during this Ukraine invasion from Russia[n] bad actors/nation-state attacks, we believe today's deal is the tip of the iceberg to a massive phase of consolidation potentially ahead for the cloud space,” Ives said.

— Donna Goodison (email | twitter)

A MESSAGE FROM ADOBE

Get inspired as we make the digital economy personal at Adobe Summit 2022. Explore the top industry trends and insights, expand your skills, discover the latest innovations from Adobe Labs, and connect with peers and experts from around the world.

Learn more

Time to patch the Linux servers

Right as the world stands guard for a fresh wave of cybersecurity attacks, a new Linux vulnerability was identified and disclosed late Monday that could allow attackers to escalate their level of privilege on certain servers. That means they could potentially run their own code, and the vulnerability could also compromise Linux containers.

Max Kellerman discovered the bug last month and reported it to the Linux security team, which coordinated with Kellerman to release a patch at the same time the flaw was discovered. Newer versions of Linux are not affected by the vulnerability, but outdated versions of the operating system are running around the world at any given moment.

Cloud customers should be protected against this flaw, but companies running their own Linux servers were urged to patch their systems now. Go ahead; you can come back to the rest of this roundup in a few hours.

— Tom Krazit (email | twitter)

See data coverage by the light bulb light

Using light bulbs to transmit data across the light they emit sounds a bit far-fetched. But a company now known as pureLiFi has been working since 2012 to figure out how to do it.

Using a technology it calls Light Fidelity, or LiFi, the company says that it can use LED lights to transmit data to smartphones and other gadgets equipped with a LiFi chip and demonstrated the technology at Mobile World Congress last week. LED lights are semiconductors, which allows the light flowing through them to be changed at high speeds. By modulating the light at different rates, sensors in a phone, for example, can interpret the signals as data.

Compared with radio transmissions such as Wi-Fi or 5G, transmitting data over the invisible light spectrum has advantages: it’s very fast, secure and low latency. However, it won’t transmit data through walls or reach a smartphone in someone’s pocket.

— Max A. Cherney (email | twitter)

Around the enterprise

Google Cloud ran into some load-balancing issues at its South Carolina data center complex that knocked Spotify and Discord offline for a few hours.

Microsoft disclosed an Azure flaw that could have allowed users of one specific Azure service to access accounts belonging to other Azure users, which is not good.

Lots of enterprise tech companies have vowed to cut off sales to Russian companies but as The Register reported, several companies, including SAP, continue to offer support to their customers in the region.

What chip shortage? If you need a custom quantum computing chip for some reason, a Dutch company called QuantWare is open for business.

A MESSAGE FROM ADOBE

Get inspired as we make the digital economy personal at Adobe Summit 2022. Explore the top industry trends and insights, expand your skills, discover the latest innovations from Adobe Labs, and connect with peers and experts from around the world.

Learn more

Thanks for reading — see you tomorrow!

Recent Issues

The Dreamforce hangover

Veni, vidi, Vendia?