Google is beefing up its security offerings by integrating new generative AI tools and large language models (LLMs) into its security product suite, including a new Google Cloud Security AI Workbench designed to address threat overload, tooling issues and talent shortages.
According to the company, which announced the news during the annual RSA Conference, Google Cloud Security AI Workbench is an extensible platform powered by a specialized, security LLM called Sec-PaLM. The model is fine-tuned for security use cases and incorporates Google’s security intelligence and visibility as well as subsidiary Mandiant’s frontline intelligence on vulnerabilities, malware, threat indicators and threat patterns.
According to Google, Security AI Workbench powers new offerings that address three top security challenges: threat overload, toilsome tools and the talent gap.
In addition, Google says Security AI Workbench will feature partner plug-in integrations to bring threat intelligence, workflow and other security functionality to customers, with Accenture being the first to utilize it.
Organizations can also make their private data available to the platform at inference time, with Google pledging to honor its data privacy commitments to customers. The tool is built on Google Cloud’s Vertex AI infrastructure, which allows customers to control their data via data isolation, data protection, sovereignty and compliance support, the company says.
In large part, the new AI tools and updates build on existing AI features in Google’s security solutions that leverage frontline intelligence, machine learning and more.
Some of the new tools included are VirusTotal Code Insight, available in preview, which uses Sec-PaLM to help analyze and explain behavior of potentially malicious scripts and better detect which are actually threats. In addition, Google is introducing Mandiant Breach Analytics for Chronicle, which leverages the combined threat intelligence of Google and Mandiant to alert organizations to active breaches in their environment, with Sec-PaLM will helping to contextualize and respond instantly to those critical findings.
The company says Google Cloud Security AI Workbench can also help reduce the number of tools IT and security professionals need to use to secure their organization’s attack surface. To that end, Google announced two new tools, Assured OSS and Mandiant Threat Intelligence AI.
Assured OSS will use LLMs to help add more open-source software packages to Google’s OSS vulnerability management solution, and Mandiant Threat Intelligence AI is built on top of Mandiant’s threat graph and will leverage Sec-PaLM to find, summarize and act on threats relevant to the organization, according to Google.
The cybersecurity industry is woefully understaffed, which is another motivation behind Google’s new AI security updates. Specifically, the company says Chronicle AI will enable customers search billions of security events and interact conversationally with the results, ask follow-up questions and generate detections without having to learn a new syntax or schema.
Google is also introducing Security Command Center AI, a tool designed to translate complex attack graphs to human-readable explanations of attack exposure, including impacted assets and recommended mitigations. In addition, the tool will provide AI-powered risk summaries for security, compliance and privacy findings for Google Cloud.
Aside from VirusTotal Code Insight, the other offerings will be rolling out to trusted testers in the coming months and will be available in preview this summer.
