Google Cloud unveils agentic AI to boost security operations efficiency
The use of agentic AI within security is intended to move beyond existing assistive AI by allowing intelligent agents to independently identify, reason through, and dynamically execute tasks, while keeping human analysts informed and involved in the process.
Building on customer experiences with Gemini in Security Operations, Google Cloud aims to develop a security operations centre (SOC) where these intelligent agents collaborate with human analysts. Hector Peña, Senior Information Security Director at Apex Fintech Solutions, commented on the current benefits, stating: "No longer do we have our analysts having to write regular expressions that could take anywhere from 30 minutes to an hour. Gemini can do it within a matter of seconds."
Google Cloud has recently developed new AI agents as part of its Gemini in Security suite. The alert triage agent in Google Security Operations is designed to perform dynamic investigations and deliver verdicts on alerts. This agent is expected to be available in preview to selected customers in the second quarter of 2025. It analyses the context of each alert, gathers supporting information, and provides an audit log detailing the evidence, reasoning, and decisions behind its verdicts. This tool aims to reduce repetitive work for Tier 1 and Tier 2 security analysts who manage high volumes of daily alerts.
In Google Threat Intelligence, the malware analysis agent is designed to undertake the reverse engineering of potentially malicious files. Also expected to be available for preview to selected customers in Q2 2025, this agent examines suspicious code, creates and executes deobfuscation scripts, and presents a summary along with a determining verdict regarding the file's safety.
The agentic SOC concept involves connecting multiple specialised agents that collaborate with analysts to automate a variety of security workflows. Google Cloud believes this could yield significant efficiency gains, enabling security professionals to dedicate more attention to complex threats and strategic priorities.
Google Cloud provided examples of critical SOC functions that could be automated or orchestrated through agentic AI. These include data management, alert triage, investigation, response actions, threat research, threat hunting, malware analysis, exposure management, and detection engineering.
To support the deployment of reliable AI agents, Google Cloud leverages its broad security data and expertise, advanced AI research, and integrated technology stack. The company stated that these resources allow for the development of agents capable of human-like planning and reasoning, producing consistent and high-quality outcomes across security tasks. Google also pointed to the modularity of this approach, with new agents constructed through the combination of existing security capabilities.
Interoperability is also a focus for Google Cloud, with the introduction of the Agent2Agent (A2A) protocol to enable communication among agents developed by different developers, and the model context protocol (MCP) for standardised interaction between AI and security applications.
Google Cloud is open-sourcing MCP servers for Google Unified Security, allowing customers to build custom workflows that combine Google Cloud and other security solutions. The company emphasises its commitment to an open ecosystem in which agents from various vendors and products can work together.
Grant Steiner, Principal Cyber-Intelligence Analyst, Enablement Operations, Emerson, said: "We see an immediate opportunity to use MCP with Gemini to connect with our array of custom and commercial tools. It can help us make ad-hoc execution of data gathering, data enrichment, and communication easier for our analysts as they use the Google Security Operations platform."
Google Cloud also introduced SecOps Labs, an initiative offering customers early access to AI pilots in Google Security Operations, and providing a mechanism for the community to give feedback. The initial set of pilots includes autonomous conversion of threat reports into detection rules, the generation of automation playbooks based on historical incident analysis, and updates to data parsers using natural language commands.
SecOps Labs is intended as a space for teams to trial and refine AI capabilities, and help shape future Google Security Operations technologies by offering feedback based on real-world experiences.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
NZ Herald
2 days ago
- NZ Herald
Auckland Council hires private investigator to track homeowner, forced sale looms over $220k rates bill
The council would not disclose the current rating debt. Property records show the home, which is down a private driveway and part of a block of flats, was last sold in 1996 for $438,000. Its new council valuation is $1.025 million. 'For some years, we have been trying to contact the owner, and we are now entering the final opportunity before the property enters a rating sale process,' Tucker said. 'Despite extensive efforts to contact the owner over many years – including direct correspondence, public notification and professional services to find the owner – we haven't been able to make contact. 'We do not take a rating sale lightly, and it really is a last resort.' Tucker said all attempts to speak to the owner had been unsuccessful, apart from one instance. 'Despite a short period of email correspondence in 2023 and unverifiable claims from third parties purporting to act on the owner's behalf, no payment plan has been established, and no material payments have been received. 'The council is taking action now, as it needs to recover the unpaid rates, and there may be issues with unlawful access to the property and degradation of the site.' Due to the absence of verified contact, the property not being owner-occupied, and the failure of all previous engagement attempts, the statutory conditions for a forced rating sale had now been met under the Local Government (Ratings) Act, Tucker said. Private investigator hired to track Wu A timeline provided by the council shows the last full rates payment was made in 2005. The council was in contact with tenants and a property manager between 2006 and 2012, but neither had authority to address the rates arrears. In May 2014, the council hired a private investigator to track Wu before starting legal proceedings the following month, and registering a charging order against the property title in 2015. 'New information about the property's appropriate legal categorisation then emerged, which halted court proceedings while the council worked through associated legal details.' In 2021, the council applied to the District Court to sell the property as abandoned land. The property is down a private driveway and part of a block of flats. The owner last made a full rates payment in 2005. Photo / Google But, after posting a public notice in January 2023, the council received correspondence from a person purporting to be Choi Wu, which prevented the land from being treated as abandoned. The council is now calling for anyone who knows Wu or immediate family members to make contact 'to help resolve this matter and establish a solution'. If the sale went ahead, Tucker said the proceeds would be used to recover the full amount of outstanding rates, penalties and associated costs, including real estate agency and legal fees. The remainder of the proceeds would be released to the owner or held in trust until claimed. Tucker said anyone concerned about paying their rates was encouraged to get in touch to discuss assistance options. These included a government-funded rates rebate scheme, a rates postponement scheme for residential properties, and flexible payment options. Forced sale abandoned last year after discovery that owner had died Auckland Council was unable to contact the owners of this house in Guthrey Place, Ōtara, to arrange payment of outstanding rates and penalties totalling more than $300,000. Photo / Jason Oxenham In August last year, an imminent forced sale of a home in Ōtara was abandoned at the 11th hour after council officials learned the owner was dead. The Guthrey Pl house was set to be sold over an unpaid rates bill of $317,000. At the time, it was the city's longest outstanding rates bill. No payments had been made since March 2005. The council had tried for years to contact the owner and arrange repayment, without success. However, after coverage in the Herald, the court-ordered auction was abandoned when relatives of the property's owner, Joseph William Leef, contacted council officials to tell them Leef was dead. The only successful compulsory ratings sale in the supercity occurred in 2015. Charlotte Hareta Marsh lost her home of 20 years in a court-ordered sale after failing to pay rates for nine years. Charlotte Marsh at her former home in Manurewa before it was forcibly sold by Auckland Council. She had refused to pay rates arrears of more than $12,000. Photo / Dean Purcell Despite repeated warnings, she refused to recognise the authority of Auckland Council and claimed to have paid her rates instead to the 'rightful land owner', Arikinui o Tuhoe, a self-proclaimed sovereign authority. At the time of the sale, Marsh owed more than $12,000 in rates and penalties, and nearly $3000 in court costs. The late activist Penny Bright's 11-year refusal to pay rates nearly cost her her Kingsland home in the months before her death. Bright had disputed and refused to pay her rates, citing 'the lack of transparency in council spending on private-sector consultants and contractors'. The council went to court to have Bright's home forcibly sold to recoup tens of thousands of dollars in unpaid rates and penalties, and it was listed for sale in April 2017. But in May that year, a deal was struck after Bright applied for a rates postponement, which was accepted by the council. The forced sale proceedings were halted. Lane Nichols is Auckland desk editor for the New Zealand Herald, with more than 20 years' experience in the industry. Sign up to The Daily H, a free newsletter curated by our editors and delivered straight to your inbox every weekday.
RNZ News
3 days ago
- RNZ News
YouTube turns to AI to spot children posing as adults
Photo: AFP/ NurPhoto YouTube has started using artificial intelligence (AI) to figure out when users are children pretending to be adults on the popular video-sharing platform amid pressure to protect minors from sensitive content. The new safeguard is being rolled out in the United States as Google-owned YouTube and social media platforms such as Instagram and TikTok are under scrutiny to shield children from content geared for grown-ups. A version of AI referred to as machine learning will be used to estimate the age of users based on a variety of factors, including the kinds of videos watched and account longevity, according to YouTube Youth director of product management James Beser. "This technology will allow us to infer a user's age and then use that signal, regardless of the birthday in the account, to deliver our age-appropriate product experiences and protections," Beser said. "We've used this approach in other markets for some time, where it is working well." The age-estimation model enhances technology already in place to deduce user age, according to YouTube. Users will be notified if YouTube believes them to be minors, giving them the option to verify their age with a credit card, selfie, or government ID, according to the tech firm. Social media platforms are regularly accused of failing to protect the well-being of children. Australia will soon use its landmark social media laws to ban children under 16 from YouTube , a top minister said late last month, stressing a need to shield them from "predatory algorithms." Communications Minister Anika Wells said four in 10 Australian children had reported viewing harmful content on YouTube, one of the most visited websites in the world. Australia announced last year it was drafting laws that will ban children from social media sites such as Facebook, TikTok and Instagram until they turn 16. "Our position remains clear: YouTube is a video sharing platform with a library of free, high-quality content, increasingly viewed on TV screens," the company said in a statement at the time. "It's not social media." On paper, the ban is one of the strictest in the world. It is due to come into effect on 10 December. The legislation has been closely monitored by other countries, with many weighing whether to implement similar bans. - AFP
Techday NZ
3 days ago
- Techday NZ
Oracle & Google Cloud boost AI with Gemini model access
Oracle and Google Cloud have expanded their partnership to provide Oracle customers with direct access to Google's Gemini AI models through the Oracle Cloud Infrastructure Generative AI service. The collaboration gives Oracle customers the ability to leverage Gemini 2.5 and its upcoming model family for enterprise-grade applications, including advanced coding, workflow automation, and domain-specific solutions such as MedLM for healthcare. Expanded AI offerings Through the integration, enterprises will have the opportunity to use Gemini's multimodal capabilities, enabling applications that can handle text, code, and industry-specific tasks. Oracle plans further integrations with Google Cloud's Vertex AI, which will make the entire Gemini model suite - including video, image, speech, and music generation - accessible within Oracle Fusion Cloud Applications across various departments such as finance, HR, supply chain, sales, service, and marketing. Oracle customers will also be able to deploy Gemini models using their existing Oracle Universal Credits, potentially simplifying adoption and controlling costs. Use cases and industry impact Gemini models are designed to provide accuracy and performance for enterprise use cases, partly due to their grounding in up-to-date Google Search data, large context windows, and data privacy features. The models can be used for knowledge retrieval, productivity tools, advanced software development, and sector-specific solutions. Specialised industry models like MedLM for healthcare are among the offerings expected for future integration. The presence of these models within existing Oracle platforms aims to streamline the adoption of AI across industries, supporting teams in tasks that range from automating business processes to building AI-powered agents. Customer access and integration With the expanded partnership, Oracle states customers will have more flexibility and choice over the models they use. As future integrations are developed, customers will be able to select from a range of Gemini models via Vertex AI, directly within Oracle's cloud applications ecosystem. "Today, leading enterprises are using Gemini to power AI agents across a range of use cases and industries," said Thomas Kurian, CEO, Google Cloud. "Now, Oracle customers can access our leading models from within their Oracle environments, making it even easier for them to begin deploying powerful AI agents that can support developers, streamline data integration tasks, and much more." Google's Gemini models have been cited for their enterprise suitability due to features such as encryption, privacy controls, and reasoning abilities. Clay Magouyrk, President, Oracle Cloud Infrastructure, stated, "Oracle has been intentional in offering model choice curated for the enterprise, spanning open and proprietary models. The availability of Gemini on OCI Generative AI service highlights our focus on delivering powerful, secure, and cost-effective AI solutions that help customers drive innovation and achieve their business goals." Performance and scalability Oracle continues to position its infrastructure as a foundation for running intensive AI workloads. According to the companies, Oracle Cloud Infrastructure offers specialised, cost-effective GPU instances suitable for applications in generative AI, natural language processing, computer vision, and recommender systems. The collaboration is described as a means for customers to apply generative and agentic AI to business needs, with a focus on meeting enterprise requirements for security, adaptability, and performance. Through this partnership, both companies aim to facilitate the deployment of multimodal and AI agent technologies in a broad range of enterprise scenarios.
