On Thursday, at the 2017 Google Cloud Next conference in San Francisco, leaders from Google’s cloud business took the stage to explain the infrastructure investments that have been made in the platform, and to announce new features in compute, security, economics, and more.

Urs Hölzle, the senior vice president of technical infrastructure and Google, opened the day two keynote with some statistics–claiming that the Google Cloud services touch one billion end users every day. And, to open the platform up to more users around the world, Hölzle said that new Google Cloud Platform (GCP) regions in the Netherlands, Canada, and California will be coming in 2017 and 2018.

On the compute side of things, Google Cloud customers will now have access to 64-core GCP VMs with up to 416 GB of memory. It was also noted in the presentation that Google is the first to have cloud services on the next-generation Intel Xeon Skylake processors.

SEE: Why machine learning and data analysis are critical to Google’s success in the cloud

One of the big draws for many organizations looking at the cloud is the perceived flexibility of cost. However, cloud users waste up to 45% of their spend on resources they bought, that they can’t use, Hölzle said, citing the most recent Rightscale State of the Cloud report.

Typical three-year VM leases are fixed and inflexible, Hölzle said, which is why Google began offering automatic sustained discounts in 2014. Now, Google will also be offering committed-use discounts. One-year or three-year commitments by customers will mean up to a 57% discount. However, they only commit to overall volume, but they can change machine types at any time.

Security was also a big part of Google Cloud announcements beginning with the unveiling of Titan.

“Titan is a purpose-built chip to establish hardware root of trust for both machines and peripherals on cloud infrastructure,” according to a slide in the presentation.

Another new tool was Data Loss Prevention, an API that allows users to discover PII and sensitive data in their content and take actions to protect it. For example, if a picture of a credit card shows up in a customer service chat, it will automatically block out the numbers on the card.

Google’s Cloud Key Management Service, announced in beta in January, was moved to general availability during the keynote address. Also, Security Key Enforcement is now available to G Suite users, to help them enforce phishing-resistant authentication.

Additionally, Identity Aware Proxy (IAP), was also announced in beta. According to Hölzle, IAP “enables you to configure secure, controlled access to your applications.”

Windows developers also got a shout-out, with the SQL Server Enterprise moving to general availability, and .NET core support coming to App Engine and Container Engine. A new Windows migration partner program will also help further support Windows developers in the Google Cloud.

Moving forward into the serverless space, a new feature called Cloud Functions provides a platform for building event-based microservices. Another new tool is the App Engine Flexible Environment, which will automatically scale an app up and down while balancing the load for the developer.

Google is known for its work with data, and one of its big tools is data warehouse tool BigQuery. Now, developers can use the Google BigQuery data transfer service to automate the transfer of data from SaaS application into BigQuery on a scheduled basis. Also, another new tool called Cloud Dataprep will help users explore and clean their data to prepare it for analysis. It will use machine learning to suggest more actions a user can take to make their data even cleaner.