Google on Tuesday announced updates to existing products and services, as well as new cloud-based security products aimed at customers managing large, multi-tenant enterprise networks, at its annual Cloud Next conference in Las Vegas. and services announced.
Many of the announcements were about Gemini, Google's flagship AI-generated model family.
For example, Google announced Gemini in Threat Intelligence, a new Gemini-powered component of its Mandiant cybersecurity platform. Threat Intelligence's Gemini, currently in public preview, analyzes the vast majority of potentially malicious code, enables users to search for ongoing threats and indicators of compromise in natural language, and searches on the web for ongoing threats and indicators of compromise. Enables you to summarize open source intelligence reports.
“Gemini in Threat Intelligence now provides conversational search across Mandiant's vast and growing repository of threat intelligence, drawn directly from frontline research,” said Google's Head of Cloud Security. General Manager Sunil Potti said in a blog post shared with TechCrunch. “Gemini directs users to the most relevant pages within the integrated platform for deeper investigation…and [Google’s malware detection service] VirusTotal now automatically ingests OSINT reports and Gemini summarizes them directly on the platform. ”
Elsewhere, Gemini can now assist with cybersecurity investigations with Chronicle, Google's cybersecurity telemetry product for cloud customers. The new feature, expected to roll out by the end of this month, will guide security analysts through their typical workflows, recommending actions based on the context of a security investigation, summarizing security event data, and analyzing data from a chatbot-like interface. Create breach and exploit detection rules. .
Additionally, in Security Command Center, Google's enterprise cybersecurity and risk management suite, new Gemini-driven capabilities allow security teams to use natural language to search for threats while identifying misconfigurations, vulnerabilities, and possible It can provide an overview of the attack path.
Rounding out the security updates was Privileged Access Manager (in preview). It is a service that provides just-in-time, time-limited, authorization-based access options designed to reduce the risks associated with exploiting privileged access. Google is also rolling out Principal Access Perimeter (in preview). This allows administrators to implement restrictions on root-level users of the network, allowing these users to access authorized resources only within specifically defined boundaries.
Finally, Autokey (preview) is intended to simplify the creation and management of customers' encryption keys for high-security use cases. Meanwhile, Audit Manager (also in preview) provides tools for Google Cloud customers in regulated industries to generate evidence of workload and cloud compliance. -Hosted data.
“Generative AI offers great potential to shift the balance in the defender’s favor,” Potti wrote in a blog post. “And we continue to build AI-driven features into our products.”
Google isn't the only company trying to commercialize AI-powered generative security tools. Last year, Microsoft launched a series of services that leverage generative AI to prioritize cybersecurity incidents while correlating data about attacks. Startups like Aim Security have also entered the fray, aiming to corner this emerging field.
But generative AI is prone to making mistakes, so it remains to be seen whether these tools will have staying power.