Google Cloud intros AI security agents, unified security platform to consolidate ops, triage, threat intel

Enterprise infrastructure is increasingly complex, meaning protecting it is, too. 

The attack surface is more expansive than ever, and many enterprises have a patchwork quilt of security tools, making it difficult to gain a cohesive understanding of their security posture. Add in AI — and all the threats it brings — and security teams are scrambling to keep up. 

With a new Google Unified Security platform, Google Cloud aims to solve this problem — or at least reduce cybersecurity pain points. Today, the tech giant rolled out the new offering, along with new security agents and several other security capabilities, at Google Cloud Next. 

Google Unified Security “creates a single, scalable, searchable security data fabric across the entire attack surface,” Brian Roddy, VP of product management, and Peter Bailey, VP of security operations at Google Cloud, wrote in a blog post today. 

Supporting preemptive security

Google Unified Security combines Google’s security operations, cloud security, threat intelligence, secure enterprise browsing and Mandiant expertise into one platform powered by Gemini and featuring semi-autonomous AI. According to Google, it offers preemptive security by providing visibility across networks, clouds, apps, and endpoints.

Roddy and Bailey explain that the goal is to help enterprises anticipate and remediate threats before they become realities and prevent attackers from getting into a system. The platform integrates Chrome Enterprise and Google Threat Intelligence data to support detection and remediation and test security controls against the latest known attacker activities. 

Google Unified Security helps improve enterprise security posture with browser behavior, managed threat hunting and security validation integrations, said Michelle Abraham, IDC’s senior research director for security and Trust. “This approach offers organizations a more holistic and streamlined defense against today’s complex threat landscape,” she said. 

Bashar Abouseido, CISO at Charles Schwab, said Google’s automated response capabilities have “dramatically reduced” the financial services company’s investigation resolution time while providing better visibility across its computing environment. 

“Google is transforming security operations and enabling our vision to stay proactive in responding to cyber threats,” he said. “The platform has empowered our team to focus on strategic initiatives and high value work.” 

Google Cloud is also working closely with Deloitte Cyber; Adnan Amjad, principal and U.S. cyber leader at Deloitte and Touche LLP noted that Google Unified Security “brings together a centralized data fabric, integrated threat intelligence, unified SOC and cloud workflows and agentic AI automation — creating a powerful platform to drive our clients’ security transformation.” 

Agents for alert triage, malware analysis

Agentic AI is a hot topic in the enterprise right now. AI agents will eventually be able to work independently and perform tasks autonomously. Google aims to get a head start in this area, today announcing two new semi-autonomous Gemini security agents for alert triage and malware analysis. 

In the company’s Google Security Operations offering, an alert triage agent will investigate alerts and their context and gather relevant information before rendering a verdict. It will support this with evidence and its step-by-step decision-making. 

“This always-on investigation agent will vastly reduce the manual workload of Tier 1 and Tier 2 analysts who otherwise are triaging and investigating hundreds of alerts daily, ” Roddy and Bailey wrote. 

Meanwhile, a malware analysis agent integrated into Google Threat Intelligence will analyze potentially malicious code. The agent can create and execute scripts for deobfuscation — when threat actors intentionally make code difficult to understand or reverse engineer — and offer a final verdict and a summary of its work and findings. 

Google Cloud expects to preview both agents with select customers in Q2 this year. 

Roddy and Bailey assert that AI agents “represent a catalyst for security teams to reduce toil, build true cyber-resilience and drive strategic program transformation.” 

“Agentic AI is powering a fundamental shift in how security operations are conducted,” they write. “Our vision is a future where intelligent agents work alongside human analysts, offloading routine tasks, augmenting their decision-making and freeing them to focus on complex issues.” 

Google Cloud introduces new DSPM capabilities, compliance management

No doubt, AI is one of the most transformative technologies in enterprise today — but its prevalence across enterprise workflows also makes it a serious security risk. Google Cloud is updating its Security Command Center, including specific AI protections and a “Model Armor” that integrates directly into Vertex AI. 

With the new protections, security teams can discover AI inventory, secure models and data and detect and respond to threats specifically targeting AI systems. With Model Armor, they can apply content safety and security controls around prompts and responses for various models and clouds. 

Along with these new capabilities, Google is also introducing a new data security posture management (DSPM) tool to help enterprises discover and classify sensitive data, set and enforce data security and compliance controls and monitor for violations. Further, Security Command Center now features a new compliance manager that provides a full view of an enterprise’s compliance state.  

Other security announcements from Google Cloud Next: 

• New data pipeline management capabilities in Google Security Operations that enable enterprises to transform and prepare data for downstream use, filter and route it to different destinations and redact sensitive data. 
• Chrome Enterprise updates, including new phishing protections against lookalike sites and other portals that attempt to steal user credentials. Organizations can also configure assets and branding to fight against phishing attempts disguised on internal domains. 
• New Mandiant Threat Defense service for Google Security Operations. Mandiant experts can work alongside customers’ security teams and support AI-assisted threat hunting, perform investigations and launch responses based on security orchestration, automation and response (SOAR) playbooks. 

Keep your files stored safely and securely with the SanDisk 2TB Extreme Portable SSD. With over 69,505 ratings and an impressive 4.6 out of 5 stars, this product has been purchased over 8K+ times in the past month. At only $129.99, this Amazon’s Choice product is a must-have for secure file storage. Help keep private content private with the included password protection featuring 256-bit AES hardware encryption. Order now for just $129.99 on Amazon!

Help Power Techcratic’s Future – Scan To Support

If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress. As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!

BITCOIN bc1qlszw7elx2qahjwvaryh0tkgg8y68enw30gpvge Scan the QR code with your crypto wallet app

DOGECOIN D64GwvvYQxFXYyan3oQCrmWfidf6T3JpBA Scan the QR code with your crypto wallet app

ETHEREUM 0xe9BC980DF3d985730dA827996B43E4A62CCBAA7a Scan the QR code with your crypto wallet app