At Google Cloud’s virtual Security Summit this week, the organisation has shared more details of its expanding vision around safeguarding artificial intelligence (AI), both in terms deploying AI’s capabilities in the service of improving resilience with new agentic security operations centre (SOC) capabilities and features, and securing its customers’ future AI development projects.
Google leadership spoke of an “unprecedented” opportunity for end-user organisations to redefine their security postures and reduce risk around their AI investments.
The firm’s vision of the agentic SOC is an “integrated experience” whereby detection engineering workflows are streamlined based on AI agents optimising data pipelines, automating alert triage, investigation and response in a system whereby they are able to coordinate their actions in support of a shared goal.
Its new alert investigation agent, which was first announced back at Google Cloud Next in April but enters preview today for a number of users, will supposedly enrich events, analyse command line interfaces (CLIs), and build process trees based on the work of the human analysts at Google Cloud’s Mandiant unit.
The resulting alert summaries will be accompanied by recommendations for human defenders, which Google believes may help defenders drastically cut down both manual effort and response times.
“We’re excited about the new capabilities that we’re bringing to market across our security portfolio to help organisations not only continue to innovate with AI, but also leverage AI to keep their organisation secure,” Google Cloud’s Naveed Makhani, product lead for security AI, told Computer Weekly.
“One of the biggest security improvements that we’re announcing is within our AI Protection solution. As organisations rapidly adopt AI, we’re developing new capabilities to help them keep their initiatives secure,” added Makhani.
In this space, Google today announced three new capabilities within its Agentspace and Agent Builder tools that it hopes will protect customer-developed AI agents.
These include new agent inventory and risk identification capabilities to help security teams better spot potential vulnerabilities, misconfigurations, or dodgy interactions among their agents, better safeguards against prompt injection and jailbreaking attacks, and enhanced threat detection within Security Command Centre.
Elsewhere, Google added enhancements to its Unified Security (GUS) offering – also unveiled earlier this year – including a security operations laboratory feature offering early access to experimental AI tools for threat parsing, detection and response, dashboards to better visualise, analyse and act on security data, and the porting of security features present in the Android version of its Chrome browser to Apple’s iOS. Trusted Cloud, meanwhile, gains several updates around compliance, posture management, risk report, agentic identity and access management (IAM), data protection, and network security.
AI consulting
Based on Mandiant data suggesting that its human analysts are increasingly seeing customer demands for guidance around cyber security for AI applications, Google will also introduce more AI specific offerings within the overall solution set offered by Mandiant’s consultants.
“Mandiant Consulting now provides risk-based AI governance, pre-deployment guidance for AI environment hardening, and AI threat modelling. Partnering with Mandiant can empower organisations to embrace AI technologies while mitigating security risks,” said Google.
Source link
