Welcome to the Google Cloud Security Community!

Got a question? Need an answer? Let's connect!

Security Forums

Q&A, discussions, share, network

Resource Center

Your learning hub for all things security

User Groups

Join a local meetup!

Events

Discover, RSVP, connect

Featured Blogs

You wont want to miss these articles

Beyond Chat: Building an Autonomous SOC Analyst with Claude and the Google MCP

This blog post was written by guest author, Eliraz Oved. If you spend your days in the trenches of a Security Operations Center, you already know the...

Forum|Forum|26 days ago

28075

New To Google SecOps: Fade to Grey: Managing Table TTL and Row Expiration

We’ve previously discussed a number of capabilities that data tables provide Google Security Operations (SecOps) including handling large data sets, w...

Forum|Forum|1 day ago

480

New to Google SecOps: In Between Days - Spotting the Outlier

A few months ago we discussed calculating Z-scores and median absolute deviations within a multi-stage search. These are some hearty examples that I w...

Forum|Forum|13 days ago

2950

Recent activity
Help others
Categories

shanmukha1499New Member

Fraud Defense (reCAPTCHA)

Increase in low reCAPTCHA Enterprise scores

Hello We are seeing unexpectedly low reCAPTCHA Enterprise scores for our iOS application starting around May 20, 2026.The tokens are valid, but many legitimate users are receiving low scores ( 0.1–0.2 >= ), affecting application flows.We don’t hav

1044

3 hours ago

bharathmuraliStaff

Google Security Operations

🚀 New Feature : Support for SOAR Custom Fields in Native Dashboards!

Hello SecOps Community!We are excited to announce that Support for SOAR Custom Fields in Native Dashboards is now generally available and enabled for all customers!What are SOAR Custom Fields?While SecOps Native Dashboards have long supported queryin

140

12 hours ago

mccrilbSilver 2

Google Security Operations

Chronicle Rule → Outcome → SOAR Playbook Workflow

I wanted to share the workflow we’ve been using to connect Chronicle detection rules with SOAR (Gemini) playbooks, specifically focusing on how rule design directly drives playbook effectiveness.The key idea is:The rule is not just a trigger — it is

13211

14 hours ago

Tanveer116004New Member

Security Command Center

URGENT: Project MeshTek-Live (meshtek-push-notificatio-724ad) Suspended During Google Home Certification – No Response to Appeal

Hello Community Managers,Our production project MeshTek-Live (Project ID: meshtek-push-notificatio-724ad) was suddenly suspended yesterday for "abusive activity consistent with hijacked resources."We filed a comprehensive appeal immediately, but our

71

18 hours ago

Firebase projects is downNew Member

Community Feedback

Firebase projects is down ? all projects is gone

All firebase projects is gone ? I am getting message This project does not exist or you do not have permission to view itTry switching accounts or go back to the homepageStill having trouble?Firebase supportStatus dashboard anyone else facing same i

101

20 hours ago

GoobleNew Member

Google Security Operations

Product field in Dashboards

The alert included in the case has a product field.In "SOAR Reports legacy", the product field is available. Where can I find this field when using Dashboards and the "Cases and alerts" data source? https://cloud.google.com/chronicle/docs/reference/s

2236

22 hours ago

fernandoredondoNew Member

Google Security Operations

Suspended Google Cloud Project — no response 2 weeks later — Urgent

Hi, my Google Cloud/Firebase project was suspended for suspected key misuse (account_hijacked).I submitted an appeal, but after 9 days I still have no response.This is now a production outage: about 1200 paying users cannot log in and trust for my ap

23015

22 hours ago

chuvakinStaff

CISO Podcast

EP279 Native Cloud Security: Is 'Good Enough' Actually Winning?

Guest: Gal Ordo, Co-founder & CPO @ Native Topics: Cloud Posture and Hygiene Cloud Security Practices Subscribe at YouTubeSubscribe at SpotifySubscribe at Apple PodcastsTopics covered: In Episode 186, we debated 'Native vs. Third-Party' as a bina

60

1 day ago

jstonerCommunity Manager

Community Blog

New To Google SecOps: Fade to Grey: Managing Table TTL and Row Expiration

We’ve previously discussed a number of capabilities that data tables provide Google Security Operations (SecOps) including handling large data sets, writing to data tables from rules and searches as well as extending the entity graph for more advance

480

1 day ago

chuvakinStaff

CISO Podcast

EP278 The Agentic SOC: Are We Measuring Time Saved or Risk Reduced?

Guest: Matt Gregson, Principal - PwC Cyber Security Topics: SIEM and SOCSubscribe at YouTubeSubscribe at SpotifySubscribe at Apple Podcasts Topics covered: What is the state of the art of “agentic SOC” in 2026? Can you describe the most agentic SOC

361

1 day ago

shanmukha1499New Member

Fraud Defense (reCAPTCHA)

Increase in low reCAPTCHA Enterprise scores

Hello We are seeing unexpectedly low reCAPTCHA Enterprise scores for our iOS application starting around May 20, 2026.The tokens are valid, but many legitimate users are receiving low scores ( 0.1–0.2 >= ), affecting application flows.We don’t hav

1044

3 hours ago

Tanveer116004New Member

Security Command Center

URGENT: Project MeshTek-Live (meshtek-push-notificatio-724ad) Suspended During Google Home Certification – No Response to Appeal

Hello Community Managers,Our production project MeshTek-Live (Project ID: meshtek-push-notificatio-724ad) was suddenly suspended yesterday for "abusive activity consistent with hijacked resources."We filed a comprehensive appeal immediately, but our

71

18 hours ago

Firebase projects is downNew Member

Community Feedback

Firebase projects is down ? all projects is gone

All firebase projects is gone ? I am getting message This project does not exist or you do not have permission to view itTry switching accounts or go back to the homepageStill having trouble?Firebase supportStatus dashboard anyone else facing same i

101

20 hours ago

fernandoredondoNew Member

Google Security Operations

Suspended Google Cloud Project — no response 2 weeks later — Urgent

Hi, my Google Cloud/Firebase project was suspended for suspected key misuse (account_hijacked).I submitted an appeal, but after 9 days I still have no response.This is now a production outage: about 1200 paying users cannot log in and trust for my ap

23015

22 hours ago

ChristianShercoNew Member

Google Security Operations

Production project suspended 7 days, no response despite multiple appeals.

Hi,I'm seeking help reaching the Trust & Safety team on a long-pending appeal. Workspace Supportc and Swedish Phone support redirected me here. My production project was suspended on May 18, 2026. I filed an appeal immediately with a full remedia

201

2 days ago

POrtizMeronBronze 1

Google Security Operations

Change Google Security Operations UI language

Hello community! Does anybody know if it is possible to change the GSO UI language to spanish (either LATAM or Spain)?

463

2 days ago

donkosBronze 1

Google Security Operations

Google SecOps SIEM Stats Query API Limit

I know that Google is currently increasing the API limits for Google SecOps to go up to 2000 for APIs. I imagine that this would also apply to the the “Execute UDM Search” action in the GoogleChronicle integration? Would the same API quota also apply

745

3 days ago

keiSBronze 5

Google Security Operations

How SOAR Migration works when using Cloud Identity integration

We have completed Stage 2 of SOAR Migration for our SecOps environment using Cloud Identity integration.However, I'm having trouble understanding the IAM mechanism as described in the documentation. Could you please explain it to me?* My understandin

170

3 days ago

manoj610Bronze 1

Google Security Operations

Drill-Down Support for Open and Closed Cases in Dashboards

Hello,Can someone please let me know if it is possible to create a drill-down for Open and Closed Cases in dashboards?For example, if I click on the “Open Cases” or “Closed Cases” count/chart, I would like it to redirect me to the Cases page filtered

368

3 days ago

manoj610Bronze 1

Google Security Operations

Drill-Down Support for Open and Closed Cases in Dashboards

Hello,Can someone please let me know if it is possible to create a drill-down for Open and Closed Cases in dashboards?For example, if I click on the “Open Cases” or “Closed Cases” count/chart, I would like it to redirect me to the Cases page filtered

100

3 days ago

Security Forums

Welcome to the Google Cloud Security Forums! Your ultimate security conversation spot. Collaborate with peers and experts to solve challenges, together.

Google Security Operations

2871 topics

Google Threat Intelligence

93 topics

Security Command Center

80 topics

Security Validation

120 topics

Fraud Defense (reCAPTCHA)

302 topics

Cloud Security Foundation

44 topics

Stay Informed

News & Announcements

131 topics

Getting Started

New to the Google Cloud Security Community? Our resources page has everything you need to get started! Find helpful information on account registration, navigating the community, and sharing your valuable feedback.