Google Cloud Expands Security Features in Trusted Cloud

Google Cloud adds new security, IAM, and compliance features to its cloud platform.

At its Security Summit 2025, Google Cloud introduces new security features within its Trusted Cloud environment. Google defines Trusted Cloud as the integrated security that is built into the foundation of its cloud platform. Compliance Manager, Data Security Posture Management, and AI-supported IAM capabilities, among others, are now available in preview.

New Tools

Security Command Center receives multiple expansions. Compliance Manager (in preview) brings together policy management, control settings, monitoring, and auditing in one solution. AI-specific controls have also been added to support compliance of AI workloads, including continuous monitoring and reporting. At the Summit, Google announces many security features that are built with AI or aimed at protecting AI.

Data Security Posture Management is now available in preview. This feature provides data administrators with direct insights into data security through native integration with BigQuery Security Center. Organizations can better manage sensitive data without switching environments.

Also new are the risk reports. These reports contain cloud security issues and remediation recommendations. The tool is based on Google Cloud’s virtual red teaming technology.

Improved Access Control

In the area of Identity and Access Management (IAM), Agentic IAM will appear later this year. This automatically creates and manages agent identities across different environments.

The IAM role picker (in preview) uses Gemini to automatically suggest the least permissive role based on a task description. Re-authentication is now required by default for sensitive actions such as changing billing information. Google recommends not changing this default setting.

In terms of data security, Google is expanding the Sensitive Data Protection feature to Vertex AI, Cloud SQL, and BigQuery. This includes support for recognizing sensitive information in images, such as barcodes and license plates. According to Google, new detection models automatically identify sensitive contexts such as medical records or source code.

Network Security

For networks, Cloud NGFW now supports organization-wide tags and hierarchical configurations. The firewall is also available in preview for RDMA networks, providing protection for high-performance computing and AI workloads.

Cloud Armor Enterprise now supports hierarchical policies and organization-wide address groups. New features also include improved limits for WAF inspection and threat detection based on JA4 fingerprints and ASN information.

With these updates, Google Cloud continues to improve the security of its cloud platform and the security posture of its users. The new functionality builds on an extensive existing foundation.