Google Gives Gemini a Security Boost – Source: www.darkreading.com

Source: Klaus Ohlenschlaeger via Alamy Stock Photo

Gemini now has security capabilities: Google has integrated Mandiant’s security offerings into its artificial intelligence (AI) platform, the company announced during its Google Cloud Next conference in Las Vegas.

The new capabilities are automated security agents that use generative AI to detect, stop, and remediate cybersecurity attacks as quickly as possible and to to analyze code to find security problems. The agents will assist security operations teams by increasing the speed of investigations.

“Security agents will help you in every stage of the security life cycle, from prevention, detection and response,” said Google Cloud CEO Thomas Kurian during a keynote speech at the event.

The security offerings are built around Google’s Gemini large language model, which is also being used to summarize documents and generate images. The new security features use generative AI to analyze code to find security problems. Security analysts can run deep queries to get to the root cause of problems and seek answers. The technology will also better explain findings so companies can take action to neutralize threats.

Google is betting its future on AI products such as Gemini, which it introduced earlier this year. Gemini is already being integrated into search and productivity applications. Mandiant’s offerings include threat detection and security operations, and Gemini adds AI capabilities to cover detection, analysis, and prevention.

Using AI to Understand Attacks

One of the new products, Gemini in Threat Intelligence, uses natural language prompts to get deep insight about malicious behavior.

“We’re able to take the experience and intelligence we gather from protecting Google’s own services, combine it with Mandiant’s leading, frontline insight from their work in incident response to show emerging threats, the severity, and risk factors,” Kurian said.

The intelligent threat offers ties into the next product, Gemini in Security Operations, which relies on AI to improve the speed to address threats from malicious behavior. It can also be used to summarize and explain findings, recommend next steps, and put remediation playbooks in action.

Gemini can recommend actions based on factors such as detection rules, and provide recommendations for faster response times.

“Analysts can now ask Gemini for the latest threat intelligence from Mandiant directly in-line — including any indicators of compromise found in their environment — and Gemini will navigate users to the most relevant pages in the integrated platform for deeper investigation,” Google wrote in a blog post.

The offering uses Gemini 1.5 Pro’s AI capabilities to analyze large samples of potential malicious code or malware, the interaction between modules, and to reveal their true malicious intent, Kurian said.

The final product announced was Gemini in Security Command Center, which evaluates a security posture, provides findings, and summarizes attack paths, which helps companies remediate cloud risks.

“We’ve leveraged tremendous amounts of machine learning, precision AI, generative AI, to make sure our customers are able to detect, stop, and remediate all cybersecurity attacks as quickly as possible,” Kurian said.

AI tools such as Gemini and OpenAI’s ChatGPT are improving productivity, but hallucinations and other shortcomings are raising concerns about the technology being used irresponsibly. The White House late last month issued an executive order on responsible use and development of AI development, which also recommends monitoring AI systems to prevent misuse.