Security Operations, Google’s platform for detecting, investigating, and responding to cybersecurity threats, will use AI to automate detections from threat discoveries. Google and Mandiant experts provide teams with curated detections that let them specify the type of threat detection they need for their environment. The company unveiled two new kinds of detections: cloud and emerging threats.
New detections include cloud and emerging threats
Cloud detections help protect against serverless threats by tracking cryptocurrency mining incidents and findings from Google Cloud and Security Command Center Enterprise. They also integrate rules for detecting unusual user behavior, machine learning-generated alerts for device issues, and basic security coverage for Amazon Web Services. Cloud detections are now available with SecOps Enterprise and Enterprise Plus.
“As with many tools, I think it’s going to be a situation that depends on the maturity of an organization’s security team,” said Nick Hyatt, Director of Threat Intelligence at Blackpoint Cyber.
“There are a lot of security teams that buy threat intelligence tools and then don’t do anything with them because they don’t know how to use the tool to meet their needs. Threat Intelligence can’t be completely automated — even with the benefits that generative AI brings to the table, and you still need human analysis to validate results and provide context.”
The introduction of AI-enhanced cybersecurity tools such as Google Threat Intelligence reflects a broader industry trend toward leveraging artificial intelligence and machine learning for more effective threat detection and response, said Aura Chief Scientist and EVP of Product and Development Zulfikar Ramzan.
“The reality is AI is enabling more sophisticated cyber attacks from criminals, and we need defenses that keep up — for the enterprise and the individual,” he said. “AI technologies enable security solutions to analyze large volumes of data rapidly, identify patterns, and detect anomalies that may indicate potential security breaches.