Google Cloud Puts AI at the Core of Cyber Defense

In a major push at its 2025 Security Summit, Google Cloud unveiled new AI-driven cybersecurity capabilities, signaling a strategic shift toward “agentic” AI-assisted defense models.

The centerpiece of Google’s announcement involves creating agentic Security Operations Centers (SOCs)—where AI agents autonomously conduct tasks like triage, data collection, and alert investigation, relieving human analysts from repetitive workload.

A standout feature, the Alert Investigation Agent (in preview), enriches security events with deep insights, such as command-line analysis and process tree generation, inspired by human expert methodologies from Mandiant.

Google also strengthened its Security Command Center with AI Protection updates that safeguard AI systems themselves. This includes auto-discovery of AI agents, fortified Model Armor to guard against prompt injection and jailbreak attempts, and Mandiant-powered threat detection to monitor anomalous agent behavior.

The broader vision extends to Google Unified Security, a unified AI-powered security platform integrating threat intelligence, policy compliance, browser telemetry, and Gemini AI to streamline and strengthen enterprise defense.

In effect, Google Cloud is betting on AI both as a target and a shield—creating systems that automate routine defenses and protect emerging AI assets across the enterprise.