Google Cloud intros AI security agents, unified security platform to consolidate ops, triage, threat intel

Enterprise infrastructure is more and more advanced, which means defending it’s, too. 

The assault floor is extra expansive than ever, and lots of enterprises have a patchwork quilt of safety instruments, making it tough to realize a cohesive understanding of their safety posture. Add in AI — and all of the threats it brings — and safety groups are scrambling to maintain up. 

With a brand new Google Unified Safety platform, Google Cloud goals to resolve this drawback — or at the least scale back cybersecurity ache factors. In the present day, the tech big rolled out the brand new providing, together with new safety brokers and several other different safety capabilities, at Google Cloud Subsequent. 

Google Unified Safety “creates a single, scalable, searchable safety information material throughout all the assault floor,” Brian Roddy, VP of product administration, and Peter Bailey, VP of safety operations at Google Cloud, wrote in a weblog put up right this moment. 

Supporting preemptive safety

Google Unified Safety combines Google’s safety operations, cloud safety, menace intelligence, safe enterprise shopping and Mandiant experience into one platform powered by Gemini and that includes semi-autonomous AI. In response to Google, it provides preemptive safety by offering visibility throughout networks, clouds, apps, and endpoints.

Roddy and Bailey clarify that the aim is to assist enterprises anticipate and remediate threats earlier than they change into realities and forestall attackers from getting right into a system. The platform integrates Chrome Enterprise and Google Risk Intelligence information to assist detection and remediation and check safety controls towards the most recent identified attacker actions. 

Google Unified Safety helps enhance enterprise safety posture with browser conduct, managed menace looking and safety validation integrations, stated Michelle Abraham, IDC’s senior analysis director for safety and Belief. “This strategy provides organizations a extra holistic and streamlined protection towards right this moment’s advanced menace panorama,” she stated. 

Bashar Abouseido, CISO at Charles Schwab, stated Google’s automated response capabilities have “dramatically diminished” the monetary companies firm’s investigation decision time whereas offering higher visibility throughout its computing atmosphere. 

“Google is reworking safety operations and enabling our imaginative and prescient to remain proactive in responding to cyber threats,” he stated. “The platform has empowered our workforce to deal with strategic initiatives and excessive worth work.” 

Google Cloud can also be working intently with Deloitte Cyber; Adnan Amjad, principal and U.S. cyber chief at Deloitte and Touche LLP famous that Google Unified Safety “brings collectively a centralized information material, built-in menace intelligence, unified SOC and cloud workflows and agentic AI automation — creating a strong platform to drive our purchasers’ safety transformation.” 

Brokers for alert triage, malware evaluation

Agentic AI is a sizzling matter within the enterprise proper now. AI agents will ultimately have the ability to work independently and carry out duties autonomously. Google goals to get a head begin on this space, right this moment saying two new semi-autonomous Gemini safety brokers for alert triage and malware evaluation. 

Within the firm’s Google Safety Operations providing, an alert triage agent will examine alerts and their context and collect related data earlier than rendering a verdict. It is going to assist this with proof and its step-by-step decision-making. 

“This always-on investigation agent will vastly scale back the guide workload of Tier 1 and Tier 2 analysts who in any other case are triaging and investigating tons of of alerts each day, ” Roddy and Bailey wrote. 

In the meantime, a malware evaluation agent built-in into Google Risk Intelligence will analyze probably malicious code. The agent can create and execute scripts for deobfuscation — when menace actors deliberately make code obscure or reverse engineer — and provide a last verdict and a abstract of its work and findings. 

Google Cloud expects to preview each brokers with choose clients in Q2 this 12 months. 

Roddy and Bailey assert that AI brokers “characterize a catalyst for safety groups to cut back toil, construct true cyber-resilience and drive strategic program transformation.” 

“Agentic AI is powering a basic shift in how safety operations are performed,” they write. “Our imaginative and prescient is a future the place clever brokers work alongside human analysts, offloading routine duties, augmenting their decision-making and liberating them to deal with advanced points.” 

Google Cloud introduces new DSPM capabilities, compliance administration

Little question, AI is among the most transformative applied sciences in enterprise right this moment — however its prevalence throughout enterprise workflows additionally makes it a severe safety threat. Google Cloud is updating its Safety Command Heart, together with particular AI protections and a “Mannequin Armor” that integrates immediately into Vertex AI. 

With the brand new protections, safety groups can uncover AI stock, safe fashions and information and detect and reply to threats particularly concentrating on AI programs. With Mannequin Armor, they will apply content material security and safety controls round prompts and responses for numerous fashions and clouds. 

Together with these new capabilities, Google can also be introducing a brand new information safety posture administration (DSPM) instrument to assist enterprises uncover and classify delicate information, set and implement information safety and compliance controls and monitor for violations. Additional, Safety Command Heart now contains a new compliance supervisor that gives a full view of an enterprise’s compliance state.  

Different safety bulletins from Google Cloud Subsequent: 

• New information pipeline administration capabilities in Google Safety Operations that allow enterprises to rework and put together information for downstream use, filter and route it to completely different locations and redact delicate information. 
• Chrome Enterprise updates, together with new phishing protections towards lookalike websites and different portals that try to steal person credentials. Organizations can even configure belongings and branding to struggle towards phishing makes an attempt disguised on inner domains. 
• New Mandiant Risk Protection service for Google Safety Operations. Mandiant consultants can work alongside clients’ safety groups and assist AI-assisted menace looking, carry out investigations and launch responses primarily based on safety orchestration, automation and response (SOAR) playbooks.