Google Cloud intros AI security agents, unified security platform to consolidate ops, triage, threat intel

Enterprise infrastructure is increasingly complex, meaning protecting it is, too. 

The attack surface is more expansive than ever, and many enterprises have a patchwork quilt of security tools, making it difficult to gain a cohesive understanding of their security posture. Add in AI — and all the threats it brings — and security teams are scrambling to keep up. 

With a new Google Unified Security platform, Google Cloud aims to solve this problem — or at least reduce cybersecurity pain points. Today, the tech giant rolled out the new offering, along with new security agents and several other security capabilities, at Google Cloud Next. 

Google Unified Security “creates a single, scalable, searchable security data fabric across the entire attack surface,” Brian Roddy, VP of product management, and Peter Bailey, VP of security operations at Google Cloud, wrote in a blog post today. 

Supporting preemptive security

Google Unified Security combines Google’s security operations, cloud security, threat intelligence, secure enterprise browsing and Mandiant expertise into one platform powered by Gemini and featuring semi-autonomous AI. According to Google, it offers preemptive security by providing visibility across networks, clouds, apps, and endpoints.

Roddy and Bailey explain that the goal is to help enterprises anticipate and remediate threats before they become realities and prevent attackers from getting into a system. The platform integrates Chrome Enterprise and Google Threat Intelligence data to support detection and remediation and test security controls against the latest known attacker activities. 

Google Unified Security helps improve enterprise security posture with browser behavior, managed threat hunting and security validation integrations, said Michelle Abraham, IDC’s senior research director for security and Trust. “This approach offers organizations a more holistic and streamlined defense against today’s complex threat landscape,” she said. 

Bashar Abouseido, CISO at Charles Schwab, said Google’s automated response capabilities have “dramatically reduced” the financial services company’s investigation resolution time while providing better visibility across its computing environment. 

“Google is transforming security operations and enabling our vision to stay proactive in responding to cyber threats,” he said. “The platform has empowered our team to focus on strategic initiatives and high value work.” 

Google Cloud is also working closely with Deloitte Cyber; Adnan Amjad, principal and U.S. cyber leader at Deloitte and Touche LLP noted that Google Unified Security “brings together a centralized data fabric, integrated threat intelligence, unified SOC and cloud workflows and agentic AI automation — creating a powerful platform to drive our clients’ security transformation.” 

Agents for alert triage, malware analysis

Agentic AI is a hot topic in the enterprise right now. AI agents will eventually be able to work independently and perform tasks autonomously. Google aims to get a head start in this area, today announcing two new semi-autonomous Gemini security agents for alert triage and malware analysis. 

In the company’s Google Security Operations offering, an alert triage agent will investigate alerts and their context and gather relevant information before rendering a verdict. It will support this with evidence and its step-by-step decision-making. 

“This always-on investigation agent will vastly reduce the manual workload of Tier 1 and Tier 2 analysts who otherwise are triaging and investigating hundreds of alerts daily, ” Roddy and Bailey wrote. 

Meanwhile, a malware analysis agent integrated into Google Threat Intelligence will analyze potentially malicious code. The agent can create and execute scripts for deobfuscation — when threat actors intentionally make code difficult to understand or reverse engineer — and offer a final verdict and a summary of its work and findings. 

Google Cloud expects to preview both agents with select customers in Q2 this year. 

Roddy and Bailey assert that AI agents “represent a catalyst for security teams to reduce toil, build true cyber-resilience and drive strategic program transformation.” 

“Agentic AI is powering a fundamental shift in how security operations are conducted,” they write. “Our vision is a future where intelligent agents work alongside human analysts, offloading routine tasks, augmenting their decision-making and freeing them to focus on complex issues.” 

Google Cloud introduces new DSPM capabilities, compliance management

No doubt, AI is one of the most transformative technologies in enterprise today — but its prevalence across enterprise workflows also makes it a serious security risk. Google Cloud is updating its Security Command Center, including specific AI protections and a “Model Armor” that integrates directly into Vertex AI. 

With the new protections, security teams can discover AI inventory, secure models and data and detect and respond to threats specifically targeting AI systems. With Model Armor, they can apply content safety and security controls around prompts and responses for various models and clouds. 

Along with these new capabilities, Google is also introducing a new data security posture management (DSPM) tool to help enterprises discover and classify sensitive data, set and enforce data security and compliance controls and monitor for violations. Further, Security Command Center now features a new compliance manager that provides a full view of an enterprise’s compliance state.  

Other security announcements from Google Cloud Next: 

• New data pipeline management capabilities in Google Security Operations that enable enterprises to transform and prepare data for downstream use, filter and route it to different destinations and redact sensitive data. 
• Chrome Enterprise updates, including new phishing protections against lookalike sites and other portals that attempt to steal user credentials. Organizations can also configure assets and branding to fight against phishing attempts disguised on internal domains. 
• New Mandiant Threat Defense service for Google Security Operations. Mandiant experts can work alongside customers’ security teams and support AI-assisted threat hunting, perform investigations and launch responses based on security orchestration, automation and response (SOAR) playbooks. 

Daily insights on business use cases with VB Daily

If you want to impress your boss, VB Daily has you covered. We give you the inside scoop on what companies are doing with generative AI, from regulatory shifts to practical deployments, so you can share insights for maximum ROI.

Read our Privacy Policy

Thanks for subscribing. Check out more VB newsletters here.

An error occured.

Help Power Techcratic’s Future – Scan To Support

BITCOIN bc1qlszw7elx2qahjwvaryh0tkgg8y68enw30gpvge Scan the QR code with your crypto wallet app

DOGECOIN D64GwvvYQxFXYyan3oQCrmWfidf6T3JpBA Scan the QR code with your crypto wallet app

ETHEREUM 0xe9BC980DF3d985730dA827996B43E4A62CCBAA7a Scan the QR code with your crypto wallet app