Chrome Browser security

Chrome Browser was built to keep your company’s data safe and secure on the web.

Chrome provides protection at every layer of the product, from malware and phishing protection to state-of-the-art sandboxing and network security.

We also stay a step ahead of attackers by leading and creating standards for the web security community.

Download Chrome Browser Packagesarrow_forward
Security by design

Security by design

We designed Chrome Browser to be secure with advanced malware and phishing protection, auto-updates, and understandable security warnings.

Learn More
Security in every layer

Security in every layer

Secure to the core, with defensive measures operating from the network layer through Chrome Browser and web applications.

Learn More
One step ahead

One step ahead

Chrome Browser stays ahead of potential attackers with scaled vulnerability discovery, fast response and fixes, and by rewarding researchers who find security bugs.

Learn More

Security by design

Safe Browsing

Google Safe Browsing technology protects your company from a range of malware, phishing, and social engineering attacks that might try to steal passwords or infect machines. Safe Browsing is used in Chrome as well as other Google products like Search and Ads, and the free public API is used by other major browsers, sites, and apps.

If employees encounter a website suspected of being deceptive or dangerous while browsing the web, they’ll be shown a warning page. We also show warnings on dangerous downloads like malware that may inject ads or harm computers.


Chrome Browser automatically updates to ensure that your employees always have the latest security features and fixes, no action required. For enterprises that want more control, Chrome Browser offers policies to manage updates.

While Chrome Browser has a normal release cycle of 6 weeks, it also updates to address critical security bugs as needed — we’ve shipped critical security fixes in under 24 hours when necessary.

Making security intuitive

To make security easier for everyone to understand, Google does user research and uses the results to create meaningful security warnings and interfaces. We publish peer-reviewed papers so that others can take advantage of this research. This includes research on our malware and phishing warnings, HTTPS warnings, connection security indicators (green lock), and more.

Security in every layer

Sandboxing and Flash

Sandboxing helps prevent malware from installing itself on computers and reduces the severity of vulnerabilities by isolating malicious web pages that try to leave programs on computers, monitor web activity, or steal private data.

Chrome Browser leads in software sandboxing with protection from vulnerable plugins and isolation between extension and websites. We collaborate closely with Adobe to harden Flash and to ensure the browser has the most secure version of Flash. Chrome Browser’s PDF reader, leads the industry in protection from untrustworthy PDFs. We’re even working to enable site Isolation on the open web.

Networking security

Chrome Browser implements extensive networking security features to authenticate secure connections to websites, so the websites your employees view cannot be eavesdropped on or tampered with. These features include Strict Transport Security (HSTS), preloaded public key pinning, root CA verification, and mixed script blocking.

Chrome actively participates in networking security standards and owns the HSTS preload list used by other browsers. Chrome also leads Certificate Transparency, a project to detect wrongly issued HTTPS certificates. We’re even experimenting with post-quantum cryptography.

One step ahead

Vulnerability response and rewards

Fixing vulnerabilities in a timely manner is critical to browser security. Chrome Browser is committed to releasing a fix for any critical security vulnerabilities in under 60 days. On average, we fix high and critical severity vulnerabilities in 30 days, and when necessary, we have shipped critical security fixes in under 24 hours.

The Chrome Reward Program provides monetary awards and public recognition to security researchers who responsibly disclose new vulnerabilities to the Chrome project. In 2016 alone, we awarded nearly $1 million for Chrome vulnerabilities in our commitment to keep Chrome Browser safe.

Fuzzing at scale

Fuzzing is a method for finding security vulnerabilities by testing with random data. To help Google keep ahead of attackers, we run Chrome Browser’s fuzzing infrastructure, ClusterFuzz, which comprises ten thousand virtual machines, to help us fuzz at scale and rapidly find regressions before they affect users. These vulnerabilities are automatically de-duplicated, filed and verified. We also provide our fuzzing service to improve the security of open source projects.


Support for Chrome Browser

Learn More About Enterprise Support for Chrome

Stay in the loop

Sign up for Google Cloud newsletters with product updates, event information, special offers and more.

Thank you.

Your request has been received.

Thank you.

You're almost done. We have sent a confirmation email. Check your inbox now to activate your email for Google Cloud.