Enterprise infrastructure is increasingly complex, and so is protecting it.
The attack surface is more expansive than ever, and many enterprises have a patchwork quilt of security tools, making it difficult for them to gain a cohesive understanding of their security posture. Add in AI — and all the threats it brings — and security teams are scrambling to keep up.
Google Cloud aims to solve this problem — or at least reduce cybersecurity pain points — with a new Google Unified Security platform. The tech giant rolled out the new offering, along with new security agents and several other security capabilities, today at Google Cloud Next.
Google Unified Security “creates a single, scalable, searchable security data fabric across the entire attack surface,” Brian Roddy, VP of product management, and Peter Bailey, VP of security operations at Google Cloud, wrote in a blog post today.
Supporting preemptive security
Google Unified Security brings together Google’s security operations, cloud security, threat intelligence, secure enterprise browsing and Mandiant expertise into one platform powered by Gemini and featuring semi-autonomous AI. It offers preemptive security, according to Google, as it provides visibility across networks, clouds, apps and endpoints.
The goal is to help enterprises anticipate and remediate threats before they become realities and prevent attackers from getting into a system, Roddy and Bailey explain. The platform integrates data from Chrome Enterprise and Google Threat Intelligence to support detection and remediation and test security controls against the latest known attacker activities.
Google Unified Security helps improve enterprise security posture with browser behavior, managed threat hunting and security validation integrations, said Michelle Abraham, IDC’s senior research director for Security and Trust. “This approach offers organizations a more holistic and streamlined defense against today’s complex threat landscape,” she said.
Bashar Abouseido, CISO at Charles Schwab, said Google’s automated response capabilities have “dramatically reduced” the financial services company’s investigation resolution time while providing better visibility across its computing environment.
“Google is transforming security operations and enabling our vision to stay proactive in responding to cyber threats,” he said. “The platform has empowered our team to focus on strategic initiatives and high value work.”
Google Cloud is also working closely with Deloitte Cyber; Adnan Amjad, principal and U.S. cyber leader at Deloitte and Touche LLP, noted that Google Unified Security “brings together a centralized data fabric, integrated threat intelligence, unified SOC and cloud workflows and agentic AI automation — creating a powerful platform to drive our clients’ security transformation.”
Agents for alert triage, malware analysis
Agentic AI is a hot topic in the enterprise right now — AI agents will eventually be able to work on their own and perform tasks autonomously. Google aims to get a head start in this area, today announcing two new semi-autonomous Gemini security agents for alert triage and malware analysis.
In the company’s Google Security Operations offering, an alert triage agent will investigate alerts and their context and gather relevant information before rendering a verdict. It will support this with evidence and its step-by-step decision-making.
“This always-on investigation agent will vastly reduce the manual workload of Tier 1 and Tier 2 analysts who otherwise are triaging and investigating hundreds of alerts per day,” write Roddy and Bailey.
Meanwhile, a malware analysis agent integrated into Google Threat Intelligence will analyze potentially malicious code. The agent can create and execute scripts for deobfuscation, undoing the steps threat actors take to make code difficult to understand or reverse engineer, and also offer a final verdict and a summary of its work and findings.
Google Cloud expects to preview both agents with select customers in Q2 this year.
Roddy and Bailey assert that AI agents “represent a catalyst for security teams to reduce toil, build true cyber-resilience and drive strategic program transformation.”
“Agentic AI is powering a fundamental shift in how security operations are conducted,” they write. “Our vision is a future where intelligent agents work alongside human analysts, offloading routine tasks, augmenting their decision-making and freeing them to focus on complex issues.”
Google Cloud introduces new DSPM capabilities, compliance management
No doubt, AI is one of the most transformative technologies in enterprise today — but its prevalence across enterprise workflows also makes it a serious security risk. Google Cloud is making updates to its Security Command Center that include specific AI protections and a “Model Armor” that integrates directly into Vertex AI.
With the new protections, security teams can discover AI inventory, secure models and data and detect and respond to threats specifically targeting AI systems. With Model Armor, they can apply content safety and security controls around prompts and responses for various models and clouds.
Along with these new capabilities, Google is also introducing a new data security posture management (DSPM) tool to help enterprises discover and classify sensitive data, set and enforce data security and compliance controls and monitor for violations. Further, Security Command Center now features a new compliance manager that provides a full view of an enterprise’s compliance state.
Other security announcements from Google Cloud Next:
- New data pipeline management capabilities in Google Security Operations that enable enterprises to transform and prepare data for downstream use, filter and route it to different destinations and redact sensitive data.
- Chrome Enterprise updates, including new phishing protections against lookalike sites and other portals that attempt to steal user credentials. Organizations can also configure assets and branding to fight against phishing attempts disguised on internal domains.
- New Mandiant Threat Defense service for Google Security Operations. Mandiant experts can work alongside customers’ security teams and support AI-assisted threat hunting, perform investigations and launch responses based on security orchestration, automation and response (SOAR) playbooks.
The post Google Cloud intros AI security agents, unified security platform to consolidate ops, triage, threat intel appeared first on Venture Beat.