Cloud Armor

Cloud Armor helps protect backend services from Layer 7 DDoS attacks by learning normal traffic patterns, detecting and alerting on potential attacks, and providing WAF rules to mitigate them. Learn more

reCaptcha

reCaptcha Enterprise protects your application/website from fraudulent activity, spam, and abuse.

Security Key Management

Generate, use, rotate, and destroy AES256, RSA 2048, RSA 3072, RSA 4096, EC P256, and EC P384 cryptographic keys. 

HTTPS/SSL

All network traffic is encrypted using HTTPS over a secured socket layer (SSL). This includes a modern TLS (1.2), and auto scaling HTTP/2.

SLSA-2 Compliant Builds

All packages are assured by Google Assured Open Source Software and regularly scanned, analyzed, and fuzz-tested for vulnerabilities by Google.

Security Policies

Security policies let you control access to your resources at your network's edge. You can use security policies to protect your non-CDN HTTP(S) load balancers.

Certificate Authorization

All documents stored in the application are accessible only through the application or authorized certificates. Authorized access to private objects are done via signed URLs. 

Cloud Load Balancing

Provides cross-region load balancing, including automatic multi-region failover. Cloud Load Balancing reacts instantaneously to changes in users, traffic, network, backend health, and other related conditions.

Audit Logs

All system changes are automatically tracked in system logs.  cards can configure audit logs to track applications to meet compliance requirements.

Role Based Access

Set access and permissions based on role.  &nbspPermission sets allow you to  flexibly manage who has access to what.  

Data Loss Prevention

Classify, mask and de-identify specific sensitive elements within your data to meet regulations and internal policies.

Authentication

Supports Firebase and Google Cloud Identity to provide verified and secured authentication via: Email/Password, Phone, Google, Microsoft, Apple, Facebook, X, Yahoo, SAML, OpenID Connect, and OAuth2 support for integrations.

Assured Workloads

cards with highly sensitive data (e.g. CGIS, HIPAA, etc) requirements can an extra level of monitoring and protection through assured workloads.

WCAG 2.1 AA

cards can use SnapApp to build WCAG compliant solutions. Learn about SnapApp's Product Accessibility.

CJIS

cards can use SnapApp in compliance with various U.S. federal government and global standards for cloud security and privacy. See SnapApp FedRamp High Services.

Fed Ramp High

cards can use SnapApp in compliance with various U.S. federal government and global standards for cloud security and privacy. See SnapApp FedRamp High Services.

HIPAA

cards can use SnapApp in compliance with various U.S. federal government and global standards for cloud security and privacy. See SnapApp FedRamp High Services.

Fed Ramp Medium

cards can use SnapApp in compliance with various U.S. federal government and global standards for cloud security and privacy. See SnapApp FedRamp High Services.

NIST SP 800-171

cards can use SnapApp in compliance with various U.S. federal government and global standards for cloud security and privacy. See SnapApp FedRamp High Services.