VRP 2025 Year in Review
… As part of Google's Cybersecurity Awareness Month campaign in October, we hosted our very own security conference in Mexico City, ESCAL8 . …
Search
Google Workspace’s continuous approach to mitigating indirect prompt injections
… From there, new AI vulnerabilities are sourced, reproduced, and catalogued internally to ensure our products are not impacted. Vulnerability catalog All newly discovered vulnerabilities go through a comprehensive analysis process performed by the Google Trust, Security, & Safety teams. …
Vulnerability Reward Program: 2024 in Review
… Since its launch, Google Cloud VRP triaged over 400 reports and filed over 200 unique security vulnerabilities for Google Cloud products and services leading to over $500,000 in researcher rewards. …
Rust in Android: move fast and fix things
… Notes The DevOps Research and Assessment DORA program is published by Google Cloud. ↩ POSTED IN: Related stories Android Security How Android helps keep you safe from impersonation scams with fake call detection By Eric Lynch & Troy Kensinger & Oren Schetrit Jun 02, 2026 Android Security What’s New… …
Announcing OSV-Scanner V2: Vulnerability scanner and remediation tool for open source
… U… By Mihai Maruseac Apr 04, 2025 Open Source Security OSV-SCALIBR: A library for Software Composition Analysis In December 2022, we announced OSV-Scanner, a tool to enable developers to easily scan for vulnerabilities in their open source dependencies. …
Google announces Sec-Gemini v1, a new experimental cybersecurity model
… With Sec-Gemini v1, analysts can understand the risk and threat profile associated with specific vulnerabilities faster. If you are interested in collaborating with us on advancing the AI cybersecurity frontier, please request early access to Sec-Gemini v1 via this form . …
OSV-SCALIBR: A library for Software Composition Analysis
Open Source Security OSV-SCALIBR: A library for Software Composition Analysis Jan 16, 2025 · Erik Varga Rex Pan In December 2022, we announced OSV-Scanner , a tool to enable developers to easily scan for vulnerabilities in their open source dependencies. …
Mitigating prompt injection attacks with a layered defense strategy
… To learn more about Google’s progress and research on generative AI threat actors, attack techniques, and vulnerabilities, take a look at the following resources: Beyond Speculation: Data-Driven Insights into AI and Cybersecurity RSAC 2025 conference keynote from Google’s Threat Intelligence Group … …
Android Quick Share Support for AirDrop: A Secure Approach to Cross-Platform File Sharing
… Internal Security Design and Privacy Reviews: Our dedicated security and privacy teams thoroughly review the design to ensure it meets our high standards. Internal Penetration Testing: We conduct extensive in-house testing to identify and fix vulnerabilities. …
Introducing OSS Rebuild: Open Source, Rebuilt to Last
… OSV-Scanner and OSV-SCALIBR, together with OSV.dev ar… By Rex Pan & Xueqin Cui Mar 17, 2025 Open Source Security OSV-SCALIBR: A library for Software Composition Analysis In December 2022, we announced OSV-Scanner, a tool to enable developers to easily scan for vulnerabilities in their open source d… …