Google wants to be taken seriously as a provider of security services for the enterprise. With that in mind, the company has unveiled what it calls Intel-driven AI-powered SecOps and actionable threat intelligence, the latter under the name Google Threat Intelligence, at the RSA conference in San Francisco.
This means Google will combine data from Mandiant — which it acquired in March 2022 — and meld this information with telemetry from its enormous footprint and make use of VirusTotal's database to sell visibility to corporate security teams.
On Tuesday, Sunil Potti, vice-president and general manager of Google Cloud Security, and Sandra Joyce, vice-president of the newly formed Google Threat Intelligence, said in a statement: "For decades, threat intelligence solutions have had two main challenges: They lack a comprehensive view of the threat landscape, and to get value from intelligence, organisations have to spend excess time, energy, and money trying to collect and operationalise the data."
The pair added that Google Threat Intelligence would combine "the unmatched depth of our Mandiant frontline expertise, the global reach of the VirusTotal community, and the breadth of visibility only Google can deliver, based on billions of signals across devices and emails".
"Google Threat Intelligence includes Gemini in Threat Intelligence, our AI-powered agent that provides conversational search across our vast repository of threat intelligence, enabling customers to gain insights and protect themselves from threats faster than ever before."
A second announcement, about Google Security Operations — Intel-driven, AI-powered SecOps — was made by Chris Corde, director of Product Management.
He said this would encompass new features that would use AI to automatically generate detections based on new threat discoveries.
"Coming later this year, this new capability will help enable you to identify malicious activity operating in your environment, and share clear directions that guide you through triage and response," Corde added.
Expanding on the AI angle, Steph Hay, senior director, Google Cloud Security, and Umesh Shankar, chief technologist, Google Cloud Security, said the company's vision for AI was "to accelerate your ability to protect and defend against threats by shifting from manual, time-intensive efforts to assisted and, ultimately, semi-autonomous security – while providing you with curated tools and services to secure your AI data, models, applications, and infrastructure.
"We [will] do this by empowering defenders with Gemini in Security, which uses SecLM, our security-tuned API, as well as providing tools and services to manage AI risk to your environment. Our Mandiant experts are able to help you secure your AI journey wherever you are."
The announcements came against the background of a major snafu suffered by Google Cloud, a third-party provider to the Australian superannuation provide UniSuper.
A Google Cloud spokesperson did not appear to know the exact cause of the snafu that has resulted in UniSuper members being unable to access their accounts since last week.
The last statement issued by Google reflects the company's confusion. The problem, this individual said, "was caused by a combination of rare issues at Google Cloud that resulted in an inadvertent misconfiguration during the provisioning of UniSuper’s Private Cloud, which triggered a previously unknown software bug that impacted UniSuper’s secondary systems", not words that exactly inspire confidence.
UniSuper's latest statement on the screw-up on Thursday said: "From midday 9 May AEST, members will be able to login to their accounts on our website. Estimated account balances may not reflect transactions which have not yet been processed due to the outage. Please be assured that updated balances will be reflected in accounts as soon as possible."
Michelle Abraham, research director, IDC, said: “Google Security Operations provides access to unique threat intelligence and advanced capabilities that are highly integrated into the platform.
"It enables security teams to surface the latest threats in a turnkey way that doesn’t require complicated engineering. Google is a potential partner for organisations in the fight against existing and emerging threats.”
Third-party endorsement for Google Threat Intelligence came from Dave Gruber, principal analyst, Enterprise Strategy Group, who was quoted as saying: "“While there is no shortage of threat intelligence available, the challenge for most is to contextualise and operationalise intelligence relevant to their specific organisation.
Unarguably, Google provides two of the most important pillars of threat intelligence in the industry today with VirusTotal and Mandiant. Integrating both into a single offering, enhanced with AI and Google threat insights, offers security teams a new means to operationalise actionable threat intelligence to better protect their organisations.”