Recently we shared a candid look at how Google approaches internal detection and response, as told by Tim Nguyen during an appearance on the Cloud Security Podcast from Google.
Nguyen leads our global security engineering group, known as the Security Surveillance Team, which is responsible for addressing state-sponsored and other malicious activity targeting Google's networks and users.
His observations were far-ranging, but consistent themes included the importance of automation and how it empowers—and frees up—team members to zero in on truly pernicious threats.
What does this strategy look like in action? HACKING GOOGLE, a new six-part docuseries which premiered Monday to coincide with the start of National Cybersecurity Awareness Month, brings to life the work of our elite security teams and showcases how Google secures its massive infrastructure.
The series is premised on the high-profile and ultra-sophisticated June 2009 Operation Aurora attacks, a turning point in the way Google thinks about and acts on security incidents.
For all the gripping drama and never-before-told stories that the series offers, particularly compelling for security operations professionals is Episode 002: Detection & Response, in which incident responders look back on the January 2001 North Korean-led operation that sought to socially engineer security researchers and infiltrate their digital properties. Google was one of the victims.
Drawing an analogy to containing the flames of a fast-moving fire, interviewees share the background of the malicious campaign and the steps they took to not only quickly control the chaos—which was potentially spreading across Google's vast internal footprint—but also learn from the incident.
The complete series of HACKING GOOGLE is now available!
Episode 000: Operation Aurora. What happens when a nation-state attacks a company? Google found out and cybersecurity was never the same again.
Episode 001: Threat Analysis Group. Watchguards. Lookouts. Sentries. When faced with threats there have always been those who look out to protect the rest. But who looks out for the threats lurking online?
Episode 002: Detection & Response. Meet the internet’s fire department, the elite team that answers the call when chaos ignites online.
Episode 003: Red Team. They have one job: hack Google from the inside.
Episode 004: Bug Hunters. They’re high schoolers, lawyers, IT professionals, and hobbyists. And they’ve made millions hacking Google in their free time.
Episode 005: Project Zero. Zero days. They can be the world’s most dangerous exploits. And the race is on to find them before the attackers do.
And finally, Hacking Google to Defend Enterprise. Go behind the scenes with Chief Information Security Officer of Google Cloud Phil Venables to meet the people keeping every organization on Google Cloud safe from threats.