Amid a pleethora of Artificial Intelligence (AI) Infrastructure and Model InnovationsCustomer Demonstrations and Other Cloud Announcements at Google cloud nextGoogle this week debuted a new google unified security (Gus) Platform, Delivering Innovations Across its steadily-road cyber portfolio as it seeks to deliver beetter outs Ever-mother deeply with its customers' Security Teams.
One of the most keenly felt pain points for Enterprise Security Leaders is the disconnected nature of the security product and services environment, with many organisations of company Point Security Solutions, Leaving them with Fragmened Silos of Data and a Mixed Up, even contradictory view of the Threat Landscape. This leaves them vulnerable and exposed to threat actors who know how to exploit these gaps.
Google Feels this pain too and, speaking to computer weekly ahead of the opening keys, google vice president of security engineering heather adkins said that this had clea The unified security platform,
“I'm excted for customers trust there are different things we now offer as a company,” said adkins. “I can't tell you how many many conversations I've had over the past 20 years trying to put there things together.”
At Its Core, Gus, Brings TogeTher a Range of Security Products and Services Including Threat Intelligence, Security Operations, Cloud Security and Secure Enerprise Browsing, Capability the Capability It acquired in 2022 through Mandiant, and Melds them Into a Converged Solution Powered by its Gemini Ai.
Google Claims This lays the foundations for “Superior Security Outcomes”, Creating a Single, Scalable and Searchable Security Data Fabric Fabric that Covers Users Users Users Users' Entacre Attack Surfaces, Providing Better Visibility And quicker detection and response spanning networks, endpoints, the cloud, and other applications, all enriched with up-to-dete Google Threat Intelligence and rendered more efficient with gem.
“The unified product creations this unified data layer that you can querry all the time,” said adkins. “So if i'm a ciso and i read about [Chinese APT] Salt typhoon In a magazine and I want to know if we are impacted, I can just ask. I don't have to sort out a threat and go and ask my soc [Security Operations Centre] to dive in.
“That's the promise of this. You can completely change the workflows, whather you're a ciso or a social analyst,” She said.
IDC Senior Research Director for Security and Trust, Michelle Abraham, Said: “Google Unified Security Represents a step forward in achieving batter security outs with the integration of the integration Behavior, Managed Threat Hunting, and Security Validation to Strategically Eliminate Coverage Gaps and Simplife Security Management and Threat Detection and Response.
“This Approach offers Organizations a more holistic and streamlined defense against today's complex threat landscape,” She said.
Is agentic ai the security pro's friend?
The scale and scope of what google is bringing togo with gus is extended, but with the spread of agentic ai across the enterprise predictably A big theme at google cloud nextExpectations at Google are high that the potential benefits of agents will extend to the cyber security realm. So says Google Vice President of Product Management, Brian Roddy
“I think customers are doing some interesting stuff with agentic ai,” He said. “Obvious people have started with things like customer support agents, but very quickly they are building tools that do deeper analysis, from tier one support to tier two and ultimately, tier Three.
“What we're trying to do is in a similar vein, just on security. Their lives as possible? “
Some of Google's biggest customers have alredy spent some time kicking the tires, and early customer feedback from these exercises seems broadly positive, said roddy.
“They really like this stuff. Traditionally required years of experience, “He said.
“If we can go five to 10 times the amount of reverse engineering, that's really bad news for the bad guys.
Google's Malware Analysis agent is designed to investigate whether code is safe or harmful. It analyses potentially malicious code and is also also able to create and execute scripts for deobfuscation, summarising its work and providing a final verdict.
Early training exercises with this particular tool have produced some interesting results. Indeed, in one Test run on a sample of the wannacry ransomware worm that write havoc on the nhs in May 2017, the ai was able to find the ransomware's kill switch and Neuter it in a mere 34 seconds.
It Took Marcus Hutchins, The Threat Intel Analyst who first uncovered the kill switch and used it to Sinkhole the malware Seven hours to achieve the same feat.
AlongSide the malware analysis agent which will go into preview for selected customers by the end of June, google will also also offer an alert triage agent to perform dynamic in the users.
The triage agent will analyse the context of each alert, gather relevant information, and render a verdict on the alert, Accompanied by a History of its evidence and decision-making priests. Google said the always-on agent will “vastly Reduce” the manual work of tier one and two soc analysts who may otherWise spend hours looking hours looking into hundreds of “dead end” alerts Every Day.
“These are the first expert agents We're introducing, there are many more coming,” said Peter Bailey, Google Cloud Security Vice President and General Manager. “We see this as just a transformational way to run a tdir [Threat Detection and Incident Response] Pipeline far faster with far better outcomes. “