Google LLC today added more security features to its cloud platform as it bids to stay one step ahead of cyberattackers who are constantly on the lookout for new targets to attack.

The new features include the Web Risk application programming interface, which is a service for developers looking to provide safeguards within the applications they build. It’s now available in beta test mode.

Jennifer Lin, director of product management at Google Cloud, said in a blog post the Web Risk API allows client applications to check URLs or web addresses against Google’s list of unsafe web resources, including fake websites used in “phishing” attacks and other sites known to host malware.

The Web Risk API is built on the same technology that powers Google’s Safe Browsing feature, and can help to warn against more than a million unsafe URLs. “With the Web Risk API, you can quickly identify known bad sites, warn users before they click links in your site that may lead to infected pages, and prevent users from posting links to known malicious pages from your site,” Lin said.

Google is also making its Cloud Armor service generally available. Cloud Armor is a distributed-denial-of-service defense and web application firewall introduced in beta last year. It’s based on technologies that Google uses to protect key services, including Gmail, Search and YouTube.

The updated Cloud Armor also gets a new dashboard that can be viewed via Google’s Stackdriver Monitoring service. The dashboard apparently makes it easier to monitor and analyze traffic protected by Cloud Armor, so security teams can better understand how effective their policies are. It also allows users to evaluate the potential impact of new policies in preview, before they’re actually introduced.

Finally, Google is making its Cloud HSM available in more regions. HSM stands for “hardware security modules” that are used as an added layer of protection for information technology systems, especially in vulnerable industries such as financial services.

The problem with HSMs is that it’s not easy to deploy them, so that’s where Google is trying to help. With Cloud HSM, Google is basically offering a managed that allows organizations to protect encryption keys and perform cryptographic operations in accordance with the FIPS 140-2 Level 3 encryption standard.

“With this fully managed service, you can protect your most sensitive workloads without needing to worry about the operational overhead of managing an HSM cluster,” Lin said.

Cloud HSM was previously available only in a few U.S. regions. As of today, it’s also available in multiple locations in Europe as well, with more regions set to come.

Image: The Digital Artist/Pixabay