- Google announced a shift from human-led to AI-led cyber defense, overseen by human operators.
- At its Cloud Next conference, it introduced new threat hunting agents, detection techniques and third-party context enrichment.
- Existing AI agents such as Triage and Investigation have already processed millions of alerts, reducing analysis time from half an hour to around a minute.
Google is moving from a human-led cyber defense strategy to a human-supervised cyber defense strategy, and to achieve this goal, it is introducing even more artificial intelligence (AI) agents.
Google Cloud Next is the company’s annual flagship conference where it showcases its latest innovations in cloud computing, AI, security and data analytics.
Here it demonstrated three new agents: Threat Hunting, Detection Engineering and Third Party Context.
The article continues below
Agent fleet of the future
The first agent is designed to help security teams look for new attack patterns and stealthy malicious behavior that might otherwise fly under the radar of a human defender.
“As the name suggests, it looks for new threats in your organization’s environment using intelligence from our Google Threat Intelligence and Mandiant best practices,” explained Google Cloud CEO Francis deSouza. “It does this continuously at an infinite scale, much faster than you could do with a human-controlled defense.”
The second agent, Detection Engineering, helps companies find gaps in the security coverage of their IT environments and then creates new detection and detection rules based on the results of its findings.
Third-party context, an agent who according to The registercoming soon uses third-party data to enrich and improve existing security workflows.
“It’s very clear that we’ve moved from a human-led defense strategy to a human-in-the-loop defense strategy, to an AI-led defense strategy that’s overseen by humans,” deSouza said during the Google Cloud Next press conference in Las Vegas this week. “Our model for the future is a fleet of agents that do much of the routine cybersecurity work at the pace of machines and are then monitored by humans.”
Google’s Triage and Investigation agent, which was similarly announced last year, is now generally available, the publication further confirmed. Over the past year, it processed more than five million alerts, reportedly reducing a typical 30-minute manual analysis down to just 60 seconds.
Via The register
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
