Google today brought out its Cloud Security Scanner service for finding potential security issues into general availability — for free. The tool came out in beta back in February.
The timing is the interesting part. Google published its blog post on the news less than one hour after Amazon Web Services, the biggest public cloud and the No. 1 competitor of the Google Cloud Platform, announced the release of Inspector, a cloud service that automatically looks for security and compliance issues based on input from an admin.
(Update at 2:52 p.m. Pacific: Google has pulled this announcement from the Google Cloud Platform blog.)
Google’s Cloud Security Scanner “can detect issues like cross-site scripting (XSS), Mixed Content, and Flash Injection or alert you to the usage of insecure Javascript libraries,” Google product manager Matthew O’Connor wrote in his blog post about the tool.
AI Weekly
The must-read newsletter for AI and Big Data industry written by Khari Johnson, Kyle Wiggers, and Seth Colaner.
Included with VentureBeat Insider and VentureBeat VIP memberships.
Amazon’s Inspector, meanwhile, can check for compliance with the PCI data security standard version 3.0, as well as best practices for network security, authentication, operating system security, and app security. If you want to use it now, you’ll have to fill out a form. And it’s not clear what the price will be.
But the Google service only works with the Google App Engine platform as a service (PaaS), not the full Google Compute Engine infrastructure as a service (IaaS). That’s one thing that distinguishes Amazon Inspector from Google’s Cloud Security Scanner.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More