Google Cloud unveiled a series of security enhancements including integrating its generative artificial intelligence (genAI) capabilities with its security operations, threat intelligence and Security Command Center services during the Google Cloud Next ’24 event.
Last year, Google unveiled its Gemini flagship generative AI (genAI) model and announced the integration of its genAI collaborator with its security services, including Mandiant threat intelligence, Chronicle Security Operations and Security Command Center to offer natural language search and case summaries.
Building on these moves, the vendor now announced the Gemini in Security Operations will be publicly available at the end of this month with a new assisted investigation feature.
The new feature is designed to guide security analysts through their Google Cloud’s Chronicle Enterprise and Chronicle Enterprise Plus, Sunil Potti, GM and VP of cloud security at Google Cloud wrote in a blog post. “Gemini recommends actions based on the context of an investigation, and can run searches and create detection rules to improve response times.”
In addition, the vendor added the threat intelligence from Mandiant, so users can ask Gemini for the latest threat intelligence directly, including any indicators of compromise found in their environment, and the genAI tool will navigate them to the most relevant pages in the integrated platform for deeper investigation, Potti added.
“The goal here is to elevate the skills of our security teams, boosting their productivity, allowing them to more easily detect investigate and respond to threats, using conversational chat with recommended next steps,” Brad Calder, VP and GM of Google Cloud Platform and Technical Infrastructure, said during a press pre-briefing.
Gemini in Mandiant threat intelligence and Security Command Center
In addition to the security operations integration, Google Cloud also previewed Gemini in Threat Intelligence and Gemini in Security Command Center at the event.
Google acquired the security vendor Mandiant in an all-cash deal valued at around $5.4 billion in 2022, which has more than 600 cybersecurity consultants and over 300 intelligence analysts.
“Gemini in Threat Intelligence now offers conversational search across Mandiant’s vast and growing repository of threat intelligence directly from frontline investigations — a grounded experience, now in preview,” Potti wrote.
“This allows the users to use conversational search to gain faster insight into threat actor behavior based on Mandiant’s growing repository of intelligence,” Calder echoed.
Google Cloud also integrates Gemini with the Security Command Center to offer natural language capabilities for searching threats and security events.
Security Command Center is a security and risk management platform for monitoring data and security risks across organizations or individual projects.
The Gemini in Security Command Center offers “summaries of critical- and high-priority misconfiguration and vulnerability alerts and summarizes attack paths to help understand cloud risks for remediation,” according to Potti.
Google Cloud brings advanced security to Chrome Enterprise
Amid these advancements, Google Cloud unveiled Chrome Enterprise Premium, a solution that melds Google’s web browser for enterprises — Chrome Enterprise — with its security capabilities including threat and data protection, zero-trust access controls, enterprise policy controls and security insights and reporting.
“We see in transformation in the work environment where the browser has become the place where every high-value activity and interaction in the enterprise is happening,” Calder said. “So the browser is essentially serving as the new endpoint.”
The Chrome Enterprise Premium “allows IT and security teams to implement data loss prevention and detailed security reporting for their organizations,” he said.
This post was originally published on 3rd party site mentioned in the title of this site
