Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Artificial Intelligence

Google Debuts New Security Products, Hyping AI and Mandiant Expertise

Google rolls out new threat-intel and security operations products and looks to the magic of AI to tap into the booming cybersecurity market.

Google Cloud AI Features

Just shy of two years after its $5.6 billion all-cash purchase of Mandiant, Google’s ambitious enterprise security strategy is starting to take shape with the rollout of new threat-intel and security operations products and a boast to use the magic of AI to tap into the booming cybersecurity market.

The search marketing giant used the spotlight of the RSA Conference on Monday to unveil the new products — Google Threat Intelligence and Google Security Operations — and push the value of AI-powered tools in enterprise cybersecurity programs.

Google has long struggled for relevance in enterprise cybersecurity but with the Mandiant assets in hand, the company is now pushing a threat-intel product hyping “unmatched depth” of breach forensics expertise, the “global reach” of its VirusTotal malware scanning service and the “breadth of visibility” it can deliver from billions of signals across devices and emails. 

The company said the security products would showcase its Gemini AI-powered agent to add conversational search tooling across its repository of threat intelligence data.

The Google Threat Intelligence will take its place alongside the new Google Security Operations, Mandiant Consulting, Security Command Center Enterprise, and Chrome Enterprise.

The plan is to take data and insights from Mandiant’s incident response and threat research teams, combine them with telemetry from Google’s massive user and device footprint; and make use of VirusTotal’s crowdsourced malware database to sell observability and visibility tooling to corporate defenders.

Google says it protects 4 billion devices and 1.5 billion email accounts, and blocks 100 million phishing attempts per day; while Mandiant’s incident responders and security consultants handle about 1,100 breach investigations every year.

The standalone threat-intel product will use Gemini to analyze potentially malicious code and provide a summary of findings, features the company hopes will supercharge the threat research processes, augment defense capabilities, and reduce the time it takes to identify and protect against malicious threats. 

Advertisement. Scroll to continue reading.

“Customers now have the ability to condense large data sets in seconds, quickly analyze suspicious files, and simplify challenging manual threat intelligence tasks,” the company said.

The second product, called Google Security Operations, also promotes the use of generative-AI technology to simplify threat detection, investigation, and response in large organizations.

Google said the addition of Gemini in Security Operations can reduce the time security analysts spend writing, running, and refining searches and triaging complex cases. “Security teams can search for additional context, better understand threat actor campaigns and tactics, initiate response sequences and receive guided recommendations on next steps — all using natural language,” the company said.

The product contains a new Investigation Assistant feature aimed at helping security professionals make faster decisions and respond to threats by answering questions, summarizing events, hunting for threats, creating rules, and receiving recommended actions based on the context of investigations. 

A separate feature, called Playbook Assistant, is also being built to help security teams create response playbooks, customize configurations, and incorporate best practices.

Related: Microsoft Flexes Security Vendor Muscles With Managed Services

Related: Google to Acquire Mandiant for $5.4 Billion in Cash

Related: Why Google Acquired VirusTotal

Related: Microsoft’s Security Chickens Have Come Home to Roost

Related: US Gov Rips Microsoft for Shoddy Security, Poor Response to Chinese Hack

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Fastly announced that Scott Lovett will join the company as Chief Revenue Officer, effective June 3, 2024.

Digital transformation consulting firm Synechron has hired Aaron Momin as CISO.

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

More People On The Move

Expert Insights