Specialized virtual machines, recently released in beta mode, ensure cloud workloads haven’t been compromised.
Google recently rolled out in beta specialized virtual machines, called Shielded VMs, so account holders on Google Cloud Platform (GCP) could run workloads without fear of running compromised code.
Now the company is publishing details on how Shielded VMs keep the cloud secure from attack vectors, including guest system firmware, guest OS via malicious guest-VM kernel or user-mode vulnerabilities, and malicious customer insiders tampering with guest VM images. Threats like boot malware or firmware rootkits often lay undetected while the compromised VM boots.