Google LLC is using the RSA Security Conference today as a launchpad for a number of new security capabilities for cloud customers aimed at protecting their data no matter where it resides.

The updates include new threat detection and timeline capabilities in Google Cloud’s Chronicle security analytics platform and some new fraud prevention tools.

Chronicle began life as a cybersecurity subsidiary of Google’s parent company Alphabet Inc. before being folded into Google Cloud last summer. Chronicle’s main product is its Backstory offering, which is a service designed to help companies find malicious activity in their infrastructure.

Backstory runs on Google Cloud and works by hoovering up large amounts of security-related data from an organization’s systems. After the logs are ingested, they’re checked against a massive corpus of information on online threats. Security teams can use Backstory to look for malware infections and see if any internal systems have been accessed from a malicious domain.

In a blog post, Google said it’s adding an interesting new capability to Chronicle that will enable customers to detect new threats to their infrastructure using YARA-L, which is a specialized rules language that can detect new types of threats and malicious behaviors. Google said it will demonstrate how the new capability works during the RSA conference.

The advanced threat detection provides “massively scalable, real-time and retroactive rule execution,” the company said.

Chronicle is also being updated with a new intelligent data fusion feature that combines a new data model with the ability to automatically link multiple events into a single timeline.

Meanwhile, Google is offering two new tools to prevent fraud, including reCAPTCHA Enterprise and Web Risk. Generally available today, reCAPTCHA Enterprise is an enhanced version of Google’s basic reCAPTCHA tool that helps prevent bots from registering and logging into various web services. With reCAPTCHA Enterprise, large companies will be able to use the technology to protect their own systems from tactics such as credential-stuffing attack, by which attackers can test large volumes of breached passwords against legitimate sites, Google said.

Web Risk, generally available now, is an application programming interface that forces client applications to check URLs against Google’s up to date lists of “unsafe web resources.” The idea is to prevent any source of malicious content from accessing applications, the company said.

Image: MasterTux/Pixabay