At its annual Cloud Next conference in Las Vegas, Google on Tuesday introduced new cloud-based security products and services — as well as updates to existing products and services — targeting customers who manage large, multi-tenant enterprise networks.
Many of the ads had something to do with Gemini, Google's leading family of generative AI models.
For example, Google unveiled Gemini in Threat Intelligence, a new Gemini-powered component of the company's Mandiant cybersecurity platform. Now in public preview, Threat Intelligence's Gemini can analyze large chunks of potentially malicious code and allow users to perform natural language searches for persistent threats or indicators of compromise, as well as summarize open source intelligence reports from around the web.
“Gemini in Threat Intelligence now delivers conversational search across Mandiant’s massive and growing repository of threat intelligence straight from investigations on the front lines,” Sunil Potti, general manager of cloud security at Google, wrote in a blog post shared with TechCrunch. “Gemini will take users to the most relevant pages in the integrated platform for deeper investigation… Additionally, (Google's malware detection service) VirusTotal now automatically ingests OSINT reports, which Gemini summarizes directly into the platform.”
Elsewhere, Gemini can now assist with cybersecurity investigations at Chronicle, Google's cybersecurity telemetry offering for cloud customers. Scheduled to be rolled out by the end of the month, this new capability guides security analysts through their typical workflow, recommending actions based on the context of a security investigation, summarizing security event data and creating intrusion and exploit detection rules from a chatbot-like interface.
And in the Security Command Center, Google's enterprise cybersecurity and risk management group, a new feature based on Gemini allows security teams to search for threats using natural language while providing summaries of misconfigurations, vulnerabilities, and potential attack paths.
Complementing the security updates was Privileged Access Manager (in preview), a service that provides timely, time-bound and consent-based access options, designed to help mitigate the risks associated with abuse of privileged access. Google is also rolling out Master Access Limits (also in preview), which allows administrators to implement restrictions on users at the network root level so that those users can only access authorized resources within specifically defined limits.
Finally, Autokey (in preview) aims to simplify the generation and management of customer encryption keys for high-security use cases, while Audit Manager (also in preview) provides tools for Google Cloud customers in regulated industries to create proof of compliance for their workloads and clouds. -Hosted data.
“Generative AI offers tremendous potential to tip the scales in favor of defenders,” Botti wrote in a blog post. “And we continue to infuse AI-driven capabilities into our products.”
Google isn't the only company trying to produce AI-powered generative security tools. Microsoft last year launched a suite of services that leverage generative AI to correlate data related to attacks with prioritization of cybersecurity incidents. Startups, including Aim Security, are also jumping into the fray, aiming to corner the emerging space.
But with generative AI prone to making mistakes, it remains to be seen whether these tools have staying power.
