Google launches its Cloud Platform Security Scanner out of beta, minutes after Amazon announced Inspector

Google today brought out its Cloud Security Scanner service for finding potential security issues into general availability — for free.

Google published its blog post on the news less than one hour after Amazon Web Services, the biggest public cloud and the No. 1 competitor of the Google Cloud Platform, announced the release of Inspector, a cloud service that automatically looks for security and compliance issues based on input from an admin.

Google’s Cloud Security Scanner “can detect issues like cross-site scripting (XSS), Mixed Content, and Flash Injection or alert you to the usage of insecure Javascript libraries,” Google product manager Matthew O’Connor wrote in his blog post about the tool.

Amazon’s Inspector, meanwhile, can check for compliance with the PCI data security standard version 3.0, as well as best practices for network security, authentication, operating system security, and app security. If you want to use it now, you’ll have to fill out a form. And it’s not clear what the price will be.

But the Google service only works with the Google App Engine platform as a service (PaaS), not the full Google Compute Engine infrastructure as a service (IaaS). That’s one thing that distinguishes Amazon Inspector from Google’s Cloud Security Scanner.