Google Unveils Unified Security Platform with AI-Powered Agents to Combat Cyberthreats

How Google's new Unified Security platform aims to simplify the fight against cyberthreats

Designed for enterprise security professionals, Google Unified Security brings different tools together in one platform to reduce complexity and confusion. Security professionals tasked with protecting their organizations from cyberthreats often have to juggle a host of different programs, services, and products. That scattershot approach can make their work unnecessarily challenging. Now, Google has unveiled a new platform designed to unify and simplify the tools for dealing with the demands of cybersecurity. Also: Why delaying software updates could cost you more than you think Unveiled at Google Cloud Next 2025 on Wednesday, Google Unified Security is an integrated system that brings different security products together. Powered by AI, the new platform incorporates threat intelligence, security operations, cloud security, Chrome enterprise browsing, and even expertise from security provider and Google subsidiary Mandiant. Now available to enterprise customers, Google Unified Security aims to help organizations detect and respond to security threats. The platform is designed to work across all potential attack areas, including networks, endpoints, cloud-based services, and applications. Security pros will get a heads-up on the latest cyberthreats via Google Threat Intelligence, which combines Gemini AI insight with open-source intel from the security community. Also: I clicked on four sneaky online scams on purpose - to show you how they work "Enterprise infrastructure continues to grow in size and complexity, expanding the attack surface, and making defenders' jobs increasingly difficult," Google said in a blog post published Wednesday. "Separate, disconnected security tools result in fragmented data without relevant context, leaving organizations vulnerable and reactive in the face of escalating threats. Security teams operate in silos, slowed by toilsome workflows, making it hard to accurately assess and improve the organization's overall risk profile." The goal is to help organizations preemptively respond to threats before they inflict damage and financial loss. With that in mind, Google Unified Security will offer the following security features: As the latest AI trend, AI agents will be a key part of Google Unified Security via the company's Gemini tool. Launching in preview mode during the second quarter for Google Threat Intelligence, a malware analysis agent can investigate computer code. The agent will specifically scan for malicious code, summarize its findings, and then offer recommendations. Also: Clicked on a phishing link? 7 steps to take immediately to protect your accounts Also expected to roll out in preview during the second quarter for Google Security Operations, an alert triage agent will check out each security alert you receive, compile relevant details, and then present its analysis. This agent is designed to help Tier 1 and Tier 2 security analysts who may have to investigate and triage hundreds of alerts daily. "Agentic Al is powering a fundamental shift in how security operations are conducted," Google said. "Our vision is a future where intelligent agents work alongside human analysts, offloading routine tasks, augmenting their decision-making, and freeing them to focus on complex issues." Beyond unifying many security products and services, Google is enhancing several tools individually. Google Security Operations is gaining new management features to help you better scale its use, reduce costs, and meet compliance requirements. You'll be able to filter the security data you receive, share it throughout your organization, and redact any sensitive data for compliance reasons. Also: Deleting your personal info from Google Search is stunningly easy now - and fast Google is also adding its new Mandiant Threat Defense service to its Security Operations. Here, experts from the Mandiant subsidiary will work with your security teams to identify and deal with threats, run investigations into security incidents, and plan your response. Next, Google is expanding its cyber-insurance options by adding Beazley and Chubb as new partners. The program will now offer AI insurance coverage, while Chubb will cover Google Cloud customers for any risks that result from quantum computing attacks. For Chrome Enterprise, Google is adding new phishing protection via its safe browsing feature. The protection is designed to help employees avoid malicious and scam websites that attempt to capture their login credentials or other sensitive data. You can customize the feature with your organization's branding to thwart phishing attacks that spoof your domain. Finally, Google is expanding its Mandiant Cybersecurity Consulting arm. Here, Mandiant Consulting will partner with Rubrik and Cohesity to help your organization minimize downtime and recovery costs in the event of a cyberattack. Experts from these companies can work with you to set up a recovery environment on Google Cloud and provide incident response services.

Google Unified Security brings the power of AI to your security suite

Threat Intelligence from Mandiant will help your business spot threats before they strike Google Cloud has unveiled a new unified security platform designed to take the stress out of keeping your business safe from the latest threats. The company has unveiled Google Unified Security, affectionately known as GUS, at its Google Cloud Next 25 event in Las Vegas, promising a major step forward in threat detection and mitigation. Unsurprisingly, Google Unified Security will be outfitted with the company's latest AI tools and services to maximize the options available to customers. The launch of Google Unified Security comes as businesses around the globe face what the company calls a "new era of security and privacy". The company says that as a business grows, its infrastructure inevitably becomes more complex, expanding the possible attack surface, and increasing the need for a unified security platform, as separate and disconnected security tools can leave data fragmented, as well as opening firms up to attack. Customers will be able to use Google Unified Security to access a single interface for all their data, offering improving visibility, detection and response capabilities. The company promises the latest Google Threat Intelligence findings will be made available to users, and Gemini will of course also be present to offer advice and guidance. Users will be able to access telemetry and other data from Chrome Enterprise to ensure they stay safe from possible threats, which can be monitored from Security Command Center. Employees can also benefit from new phishing protections in Chrome Enterprise Premium, with employers able to add their own branding and corporate assets in order to boost identification. Google's Security Operations platform is also getting a boost thanks to new data pipeline management capabilities, helping users manage scale and reduce costs, while the new Mandiant Threat Defense service gives in-depth detection and response capabilities to all the latest threats.

Google Cloud intros AI security agents, unified security platform to consolidate ops, triage, threat intel

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Enterprise infrastructure is increasingly complex, meaning protecting it is, too. The attack surface is more expansive than ever, and many enterprises have a patchwork quilt of security tools, making it difficult for them to gain a cohesive understanding of their security posture. Add in AI -- and all the threats it brings -- and security teams are scrambling to keep up. Google Cloud aims to solve this problem -- or at least reduce cybersecurity pain points -- with a new Google Unified Security platform. The tech giant rolled out the new offering, along with new security agents and several other security capabilities, today at Google Cloud Next. Google Unified Security "creates a single, scalable, searchable security data fabric across the entire attack surface," Brian Roddy, VP of product management and Peter Bailey, VP of security operations at Google Cloud wrote in a blog post today. Supporting preemptive security Google Unified Security brings together Google's security operations, cloud security, threat intelligence, secure enterprise browsing and Mandiant expertise into one platform powered by Gemini and featuring semi-autonomous AI. It offers preemptive security, according to Google, as it provides visibility across networks, clouds, apps and endpoints. The goal is to help enterprises anticipate and remediate threats before they become realities and prevent attackers from getting into a system, Roddy and Bailey explain. The platform integrates data from Chrome Enterprise and Google Threat Intelligence to support detection and remediation and test security controls against the latest known attacker activities. Google Unified Security helps improve enterprise security posture with browser behavior, managed threat hunting and security validation integrations, said Michelle Abraham, IDC's senior research director for security and Trust. "This approach offers organizations a more holistic and streamlined defense against today's complex threat landscape," she said. Bashar Abouseido, CISO at Charles Schwab, said Google's automated response capabilities have "dramatically reduced" financial services company's investigation resolution time while providing better visibility across its computing environment. "Google is transforming security operations and enabling our vision to stay proactive in responding to cyber threats," he said. "The platform has empowered our team to focus on strategic initiatives and high value work." Google Cloud is also working closely with Deloitte Cyber; Adnan Amjad, principal and U.S. cyber leader at Deloitte and Touche LLP noted that Google Unified Security "brings together a centralized data fabric, integrated threat intelligence, unified SOC and cloud workflows and agentic AI automation -- creating a powerful platform to drive our clients' security transformation." Agents for alert triage, malware analysis Agentic AI is a hot topic in the enterprise right now -- AI agents will eventually be able to work on their own and perform tasks autonomously. Google aims to get a head start in this area, today announcing two new semi-autonomous Gemini security agents for alert triage and malware analysis. In the company's Google Security Operations offering, an alert triage agent will investigate alerts and their context and gather relevant information before rendering a verdict. It will support this with evidence and its step-by-step decision-making. "This always-on investigation agent will vastly reduce the manual workload of Tier 1 and Tier 2 analysts who otherwise are triaging and investigating hundreds of alerts per day," write Roddy and Bailey. Meanwhile, a malware analysis agent integrated into Google Threat Intelligence will analyze potentially malicious code. The agent can create and execute scripts for deobfuscation -- when threat actors intentionally make code difficult to understand or reverse engineer -- and also offer a final verdict and a summarization of its work and findings. Google Cloud expects to preview both agents with select customers in Q2 this year. Roddy and Bailey assert that AI agents "represent a catalyst for security teams to reduce toil, build true cyber-resilience and drive strategic program transformation." "Agentic AI is powering a fundamental shift in how security operations are conducted," they write. "Our vision is a future where intelligent agents work alongside human analysts, offloading routine tasks, augmenting their decision-making and freeing them to focus on complex issues." Google Cloud introduces new DSPM capabilities, compliance management No doubt, AI is one of the most transformative technologies in enterprise today -- but its prevalence across enterprise workflows also makes it a serious security risk. Google Cloud is making updates to its Security Command Center that include specific AI protections and a "Model Armor" that integrates directly into Vertex AI. With the new protections, security teams can discover AI inventory, secure models and data and detect and respond to threats specifically targeting AI systems. With Model Armor, they can apply content safety and security controls around prompts and responses for various models and clouds. Along with these new capabilities, Google is also introducing a new data security posture management (DSPM) tool to help enterprises discover and classify sensitive data, set and enforce data security and compliance controls and monitor for violations. Further, Security Command Center now features a new compliance manager that provides a full view of an enterprise's compliance state. Other security announcements from Google Cloud Next:

Google unveils new security AI agents to keep your business safe from the latest threats

Google Cloud has unveiled the launch of several new AI agents focused on keeping your organization as safe as it can be. The company revealed the new additions at its Google Cloud Next 25 event, promising a useful ally to protect your business from the latest threats. The new agents will form part of Google Unified Security, the company's new combined offering, also launched this week to help provide better and more effective security protection for businesses everywhere. The company says it sees a future approach to security where human analysts work alongside AI agents, meaning menial or resource-intensive basic tasks are offloaded to the latter, freeing up the former to focus on more complex tasks. The new additions include an alert triage agent in Google Security Operations which is able to carry out dynamic investigations on behalf of users. The always-on agent is able to analyze the context of each alert, before gathering relevant information and reaching a verdict, which is then delivered to the user, alongside data history covering exactly how the agent arrived at its decision, reducing the workload of analysts who otherwise are triaging and investigating hundreds of alerts per day. The other new addition is a malware analysis agent, part of Google Threat Intelligence, which can investigate whether code is safe or harmful. It will also have the ability to create and execute scripts for deobfuscation, before summarizing its work and offering up a final verdict. Both new agents will be rolling out to users in the second quarter of 2025.

Google launches Unified Security platform and unveils Gemini agents for threat detection - SiliconANGLE

Google launches Unified Security platform and unveils Gemini agents for threat detection Google LLC today announced a wave of artificial intelligence-driven capabilities coming to enterprise security, including a new service called Google Unified Security, new security agents and innovations. Leading the announcements from the Google Cloud Next conference this week in Las Vegas is the introduction of Google Unified Security, a new AI-powered platform that consolidates the company's current security offerings into a single, integrated experience. The new service is designed to address the complexity and fragmentation of enterprise security environments by bringing together threat intelligence, security operations, cloud security and secure enterprise browsing into one service. Unified Security has been built to help organizations move from reactive to proactive security postures. The service automatically enriches security telemetry with the latest Google Threat Intelligence to deliver faster threat prioritization and smarter response. The service also integrates Chrome Enterprise telemetry and Security Command Center insights to allow analysts to assess and reduce risk across every layer of the stack, including AI workloads. Playing a key role, Gemini, Google's generative AI, assists by streamlining investigations, automating response workflows and eliminating operational silos. The unified approach taken by the platform simplifies toolsets and accelerates decision-making. Browser behavior is now integrated directly into detection workflows, while threat actor simulations test defenses in real time. The capabilities give security teams the ability to pinpoint exposures, validate protections and improve resilience before threats materialize. In testing, companies such as Charles Schwab Corp. report faster response times and better visibility across their environments. "Automated response capabilities have dramatically reduced our investigation resolution time while providing a high degree of visibility and scale across our entire computing environment," said Bashar Abouseido, chief information security officer at Charles Schwab. "The platform has empowered our team to focus on strategic initiatives and high-value work." Google is also advancing its vision of agentic AI with the introduction of new "Gemini in Security" agents, designed to work alongside human analysts to accelerate investigations and reduce operational burden. In Google Security Operations, an alert triage agent that can perform dynamic investigations on behalf of users will be previewed in the second quarter. The agent performs dynamic investigations by analyzing alert context, gathering relevant data and delivering a verdict, complete with evidence and rationale. The always-on agent is aimed at reducing the repetitive workload of Tier 1 and Tier 2 analysts, who often triage hundreds of alerts daily. Google Threat Intelligence is also getting a malware analysis agent that can assess suspicious code, including executing deobfuscation routines and summarizing its findings. The agentic AI offerings aim to deliver faster detection and response with complete visibility and streamlined workflows. In Google's own words, "they represent a catalyst for security teams to reduce toil, build true cyber-resilience and drive strategic program transformation." On the security operations front, Google has introduced new data pipeline management capabilities, which are now generally available, that help customers better manage scale, reduce costs and satisfy compliance mandates. Users can now transform and prepare data for downstream use, route data to different destinations and multiple tenants to manage scale, filter data to control volume and redact sensitive data for compliance. Also generally available today is the Mandiant Threat Defense service for Google Security Operations, which provides comprehensive active threat detection, hunting and response. The service includes Mandiant experts working alongside customer security teams, using AI-assisted threat hunting techniques to identify and respond to threats, conduct investigations and scale response through security operations SOAR playbooks, effectively extending customer security teams. Google continues to enhance the Security Command Center with new capabilities focused on protecting AI systems, sensitive data and improving compliance workflows. The recently announced AI Protection offering helps customers discover AI assets, secure models and data, and detect threats across the AI lifecycle. A key feature, Model Armor, is now generally available and integrated with Vertex AI, enabling automatic content safety and security control applications across multiple clouds without requiring application changes. Additionally, new Data Security Posture Management capabilities, set to preview in June, will support the discovery, classification and governance of sensitive data, including AI training data, directly within Google Cloud analytics and AI tools. To support compliance efforts, Google announced that it is launching a Compliance Manager in preview by the end of June. The new tool will provide a unified workflow for defining policies, configuring and enforcing controls, monitoring systems, and auditing compliance based on the foundation of Assured Workloads. Other enhancements include a preview integration with Snyk Inc. to help developers find and fix software vulnerabilities and new Security Risk dashboards for Google Compute Engine and Kubernetes Engine, now generally available, offering in-console visibility into top vulnerabilities and issues. Google is also expanding its Risk Protection Program, which offers discounted cyber insurance based on cloud security posture. New partners Beazley plc and Chubb Ltd. have joined Google in the initiative, broadening international coverage and customer choice. Notably, Chubb will provide insurance for risks related to quantum computing exploits, along with affirmative coverage for AI-specific risks, available exclusively to Google Cloud customers and workloads. Google is also expanding its data security capabilities with new advancements in confidential computing and data protection. Confidential GKE Nodes featuring AMD SEV-SNP and Intel TDX will become generally available in the second quarter, allowing organizations to protect standard Kubernetes workloads without requiring code changes. Additionally, Confidential GKE Nodes with Nvidia Corp. H100 graphics processing units will enter preview, offering confidential GPU computing for high-performance tasks. Google's Sensitive Data Protection discovery service is now generally available for Vertex AI and Azure Storage, providing continuous monitoring of sensitive assets. Upcoming features include data-in-motion scanning via Cloud Load Balancing and Secure Web Proxy, as well as support for Dataplex V2. Also previewed today were two new hardware-based security options: a single-tenant Cloud HSM for dedicated, isolated key management and an enhanced bare metal HSM that simplifies deployment with pre-configured units. On the network security side, Google is enabling more flexible protections through Network Security Integration, which allows third-party network appliances to be inserted without disrupting routing policies. Out-of-band integrations are also now generally available, while in-band integrations are in preview.

5 Big Google Cloud Security Announcements At Next 2025

The cloud giant announced its Google Unified Security platform along with new agentic security tools and other updates for boosting cyber defense. Google Cloud announced major advancements in its security portfolio Wednesday including the debut of its Google Unified Security offering that integrates a number of tools onto a single platform. The announcements also included launches of new agentic security tools as well as additional capabilities powered by Mandiant and new offerings in AI and data security. [Related: Google Cloud CEO Thomas Kurian On Agentic AI's Starring Role] The tech giant made the announcements in connection with its Google Cloud Next 2025 conference, taking place this week in Las Vegas. What follows are five key things to know about Google Cloud's big security announcements at Next 2025. The launch of Google Unified Security is aimed at bringing together a variety of security capabilities in a more-integrated fashion for improved cyber defense, Google Cloud executives said during a briefing with reporters. The platform combines security operations and cloud security with threat intelligence and the company's Chrome Enterprise browser -- while also leveraging expertise from the company's Mandiant unit, executives said. Key advancements include the integration of various products onto Google Unified Security such as through the connecting of Chrome Enterprise browser and asset data from into the Google Security Operations platform for enhanced detection and remediation of threats, according to the company. Other major integrations on Google Unified Security include tying Google Threat Intelligence with security validation -- for proactive assessment of exposures -- as well as the integration of Google Threat Intelligence into the cloud detection capabilities in Security Command Center, according to Google Cloud. Ultimately, Google Unified Security "offers unmatched threat visibility, cloud security, the most trusted browser and Mandiant expertise, all in one converged security suite powered by Gemini AI," said Brian Roddy, vice president of cloud security at Google, during the press briefing. Google Unified Security is now generally available, the company said. Google Cloud unveiled new security agents Wednesday at Next 2025, available within its Google Security Operations offering and Google Threat Intelligence service. In Google Security Operations, for instance, new AI-powered agentic capabilities will enable automated triage of alerts for faster responses and lower dependence on manual effort by security analysts, according to Google Cloud executives. The triage agent is designed to "continuously investigate alerts, decide what needs human attention and automatically respond," said Payal Chakravarty, a Google director of product management for Google Cloud security products. Meanwhile, the company announced a new security AI agent for its Google Threat Intelligence service focused on providing malware analysis, with the goal of enabling greater automation for security activities, according to Google. The new security agents are planned to enter a preview during the second quarter, Google said. Google Cloud continues to expand the services available from its Mandiant unit, including with the announcement Wednesday of its new Mandiant Threat Defense service. The service is now generally available for the Google Security Operations offering and is aimed at providing "active" threat detection, hunting and response, the company said in a blog post. As part of the service, "Mandiant experts work alongside customer security teams, using AI-assisted threat hunting techniques to identify and respond to threats, conduct investigations, and scale response through security operations SOAR playbooks, effectively extending customer security teams," Google said in the post. Google rolled out updates for Security Command Center at Next 2025 focused on boosting capabilities in key areas of concern for many organizations including AI and data security. The updates include new capabilities for DSPM (data security posture management) that will be available as a preview in June, focused on providing discovery, security and governance of sensitive data, according to Google. Meanwhile, Security Command Center is also seeing AI security updates with the introduction of Model Armor, used for applying security controls to prompts and responses within AI Protection, the company said. The capability is now generally available. Additionally, Google Cloud launched a new Compliance Manager tool -- which will be available in preview at the end of June -- aimed at bringing together policy definition with control configuration, enforcement, auditing and monitoring into a "unified workflow," the company said in its post. For its Chrome Enterprise browser, Google announced new security capabilities available as part of Chrome Enterprise Premium geared toward enhanced protection against threats such as phishing. The company announced that the newly introduced employee phishing protections will utilize data from Google Safe Browsing to provide defense against lookalike sites and portals, Google said. In addition, Google announced the generally available debut of data masking in Chrome Enterprise Premium, as well as the extension of enterprise browsing protections -- such as controls for copy and paste along with URL filtering -- to Android devices.