SECURITY
WITH GOOGLE CLOUD

Go Reply manages and consultants on your security with Google Cloud


Working with Go Reply Security


Google Cloud Security products help companies meet their policy, regulatory, and business objectives. It provides a multi-faceted set of controls and capabilities.

Go Reply also offers clients a Cyber Security Command Center specialised in Services for the Google Cloud. Its operations are available 24 hours, 7 days a week and all year long.

We have 350+ Professional Certifications in methodologies and products​, 17+ years of experience in IT Security and over
500+ Cyber Security Experts.

Our Security Portfolio

Google Cloud Security services are constantly enhanced for comprehensive protection

  • strip-0 image

    Security Assessments

    • Performing a Cloud Security Posture Review
    • Analysis of GCP-Infrastructure / Configuration mapped with Security Best-Practices
    • Tool-based assessments and scans (e.g. Forseti)
    • Risk-focused remediation and improvement plans
    • Definition of automated compliance methodologies

  • strip-0 image

    Security Monitoring and Operations

    • Implementation of Access Transparency and Automated Log Aggregation
    • Setting up Monitoring or SIEM (Security Information and Event Management) based on several vendor specific (e.g. Elastic, Splunk) and GCP native services (e.g. Chronicle, Event Threat Detection, Cloud Anomaly Detection)
    • Setting up secure operating processes (Incident Response)

  • strip-0 image

    Data Security

    • Enforcing POLP (Principle of Least Privilege)
    • Designing deletion concepts based on cloud native issues like retention policies, tags etc.
    • Implementing services with the DLP (Data Loss Prevention) API
    • Building DLP solutions for Hybrid Deployment models with partner vendors (e.g. Netskope)
    • Implementing CASB (Cloud Access Security Broker) solutions.

  • strip-0 image

    Infrastructure Security

    • Setting up hardened infrastructure, configuration management
    • Google Kubernetes Engine (GKE) and Compute Engine Security Implementation
    • Cloud KMS (Key Management Service) and Cloud HSM (Hardware Security Module), Secret Manager or third party vault services
    • Implementation of Google Certification Authority Services (internal and external PKI, Public Key Infrastructures)
    • Detection of vulnerabilities (Web Risk API, Web Security Scanner )

  • strip-0 image

    Governance

    • Security Baseline design and implementation
    • Implementation of Organisation Policy Constraints
    • Implementation of CSPM (Cloud Security Posture Management ) for 3rd party vendors (e.g. Netskope, Aqua, CheckPoint)

  • strip-0 image

    Cloud Migration and Transformation

    • Migration of applications and infrastructure to a (Multi-)Cloud or Hybrid Architecture
    • Transformation of the Deployment cycle
    • Building a low maintenance environment

  • strip-0 image

    Network Security

    • Secure VPC network segmentation in accordance with on-premises networks (holistic zoning concept)
    • Implementation of suitable perimeter services and next generation firewalls (e.g Cloud Guard)
    • Implementation of Cloud VPN, Cloud Interconnect
    • Secure Web Gateways (e.g. Netskope)
    • Cloud infrastructure services (e.g. Cloud DNS)
    • Web Application Firewall (WAF) and DoS Defense (Cloud Armor)

  • strip-0 image

    Built-In Security Features

    • Integration and Optimisation of built in security features like: Google Security Command Center, Policy Analyser, Shielded VMs, VPC Service Controls, Private Service Connect, Network
    • Intelligence, Firewall Insights
    • Migration and adoption from third party security vendors to cloud native

  • strip-0 image

    Hybrid and Multi-Cloud Security

    • Securing Implementation of safe and reliable Multi Cloud Application Platforms ( e.g. Google Anthos)
    • Multi cloud network design and perimeter orchestration (CheckPoint, Fortinet, Tufin etc.)
    • Establishing a secure unified Multi Cloud Operation

  • strip-0 image

    Identity Access Management and Federation

    • Implementing the BeyondCorp security model / Context Aware Access with Google identity and Access Context Manager
    • Integrating third Party Vendors (e.g. Okta)
    • Implementing Multi-Cloud and Hybrid Cloud federated Identities

  • strip-0 image

    Secure DevOps

    • Implementing cloud native or external Repositories and Build Pipelines (e.g. Cloud Build, Cloud Source Repositories, Artifact Registry)
    • Establishing principles for a secure agile development culture
    • Integrating static and dynamic security scanning CI/CD pipelines

Google Cloud Security Whitepapers

Below you can find links to whitepapers written by Google, which explore
the capabilities of some of the GCP security tools discussed above.