Safeguard
Tag

gcp-security

Safeguard articles tagged "gcp-security" — guides, analysis, and best practices for software supply chain and application security.

6 articles

Cloud Security

GCP IAM Best Practices: Least Privilege on Google Cloud

Principle-driven Google Cloud IAM guidance: avoiding primitive roles, service account hygiene, Workload Identity Federation, the IAM Recommender, and inheritance — with gcloud and Terraform examples.

Jul 4, 20265 min read
Cloud Security

GCP Security Best Practices for 2026

A hands-on Google Cloud hardening guide: resource hierarchy and Organization Policy, least-privilege IAM, VPC Service Controls, CMEK, and Security Command Center — with Terraform and gcloud examples.

Jul 1, 20265 min read
Cloud Security

Managing and securing GCP service account keys

A practical, step-by-step guide to GCP service account key security: disable key creation, adopt impersonation, rotate remaining keys, and monitor for misuse.

Jan 11, 20268 min read
Cloud Security

What Software Delivery Shield does for end-to-end supply ...

A breakdown of what Google Cloud's Software Delivery Shield actually does — SLSA provenance, SBOM generation, Binary Authorization — and where its coverage gaps still leave supply chains exposed.

Jan 11, 20267 min read
DevSecOps

Securing Cloud Build pipelines and generating SLSA proven...

How to secure Cloud Build supply chain security with least-privilege service accounts and SLSA provenance so tampered builds never reach production.

Jan 10, 20267 min read
Cloud Security

Using VPC Service Controls to prevent secret exfiltration...

VPC Service Controls create a hard perimeter around Secret Manager, blocking exfiltration even when credentials are compromised or IAM is misconfigured.

Jan 10, 20267 min read
gcp-security — Safeguard Blog