Date: 2023-04-24



Prevent threats from spreading beyond the initial infection

We already offer best-in-class capabilities to help your organization respond to threats faster. But what if you could not only identify and contain initial infections, but also prevent them from occurring elsewhere? Combined with detection and analysis, new infections can now be prevented. These advances are important to combat the potential surge in adversarial attacks that use machine learning and generative AI systems. That’s why I was so excited to introduce it.

VirusTotal Code Insight uses Sec-PaLM to analyze and describe the behavior of potentially malicious scripts to better detect which scripts are actually threats.

Mandiant Breach Analytics for Chronicle leverages Google Cloud and Mandiant Threat Intelligence to automatically alert you to active breaches in your environment. Use Sec-PaLM to stay on top of the situation and take immediate action on these important findings.

These new updates build on existing AI from Google’s industry-leading solutions. For example, Chronicle Security Operations is already using frontline intelligence, synthetic reasoning, and machine learning to identify initial infections, prioritize impact, and contain threats. Another example is reCAPTCHA Enterprise. It uses the image noise feature to protect your site from adversaries leveraging new AI advances and greatly strengthens defenses against bots.

Add Intelligence to Reduce Effort

Google Cloud helps organizations modernize security by simplifying security tools and controls wherever possible. Advances in generative AI can help organizations reduce the number of tools they need to protect their vast attack surface, ultimately allowing systems to protect themselves. This minimizes the effort required to manage multiple environments, generate security designs and features, and generate security controls. Today we announced the following:

Assured OSS uses LLMs to add more open source software (OSS) packages to its OSS vulnerability management solution. This solution offers the same curated and vulnerability-tested packages that we use at Google.

Built on top of Mandiant’s massive threat graph, Mandiant Threat Intelligence AI leverages Sec-PaLM to quickly detect, summarize, and respond to threats relevant to your organization.

These announcements build on existing capabilities that help customers centralize visibility and control, detect targets, and improve security across the platform. For example, Security Command Center (SCC) uses always-on machine learning to detect malicious scripts running in customer container environments and immediately alert customers. Additionally, Cloud Data Loss Prevention leverages machine learning to search and classify data. Confidential Computing allows you to collaborate, train, and deploy confidential, regulated AI models in the cloud while maintaining confidentiality.

Evolving the way practitioners do security to fill talent gaps

At Google, we believe that to truly democratize security, we must first recognize that AI will soon usher in a new era of security professionals. This era has a huge impact on how professionals do security. Most people who are security developers, sysadmins, SREs, and even junior analysts are not trained security specialists.

Imagine a world where novices and security experts, paired with AI expertise, are freed from repetition and burnout to accomplish tasks that seem impossible to us today. To facilitate this evolution, we have included Sec-PaLM-based capabilities that can make security easier to understand while improving effectiveness with exciting new features in two solutions:

Chronicle AI: Chronicle customers can search billions of security events, interact with results, ask follow-up questions, and quickly generate detections without having to learn new syntax or schema.

Security Command Center AI: Security Command Center transforms complex attack graphs into human-readable descriptions of attack exposure, including assets affected and mitigation recommendations. We also provide an AI-powered risk summary of our findings on Google Cloud security, compliance, and privacy.

These new releases build on existing efforts to tackle these issues through features such as IAM Recommender, which suggests permissions that are better suited to your usage patterns. We plan to extend this feature to cover organizational policies and enable administrators to further improve their organization’s security posture. Additionally, Mandiant Automated Defense applies machine learning to alleviate the problem of repetitive Tier 1 alert triage and combat alert fatigue.

