Google Cloud Armor – New Feature sets

Google Cloud is adding new Cloud Armor’s capabilities for fending cyberattacks against its cloud customers.

Attackers use advanced comprehensive techniques, like volumetric DDoS attacks, bot attacks and application programming interface abuse to try to take their targets offline.

With the use of Cloud Armor rate limiting capability google aiming to thwart such attacks. Customers now have the flexibility to limit the rate of requests their apps and services can receive. Cloud Armor now offers two kinds of rate-based rules.

Customers can enforce a maximum request limit per client or a maximum request count across all clients based on HTTP request properties. In addition, they can implement a rate-based ban, which rate-limits or temporarily bans requests from connections that exceed a specified limit.

To manage bot attacks, credential stuffing, scraping and inventor hoarding attacks, Google Cloud is making reCAPTCHA Enterprise generally available. Cloud Armor now integrates with reCAPTCHA Enterprise to identify bots and either block their access to a certain service or redirect them to alternate content based on their risk score.

Another feature is with updated preconfigured web application firewall rules that are designed to help customers mitigate the top ten vulnerabilities identified by the OWASP Top 10.

Google Cloud Armor’s defense in-depth strategy with the preview availability of Google Cloud Threat Intelligence. This service provides ready-to-use and continuously updated threat intelligence for customers to enhance their network security according to the latest threats and techniques they can expect to face.

 Google also extending Cloud Armor to cover additional types of workloads through the introduction of new edge security policies to protect CDN and support for proxy load balancers.