Google Uses Automated AI Alert and Malware Analysis Tools to Reduce SOC Overload


Google announced plans this week to introduce AI agents into overburdened SOCs to reduce the manual work required of security analysts.

The AI-driven agents, which promise to relieve the load on Tier 1 and Tier 2 SOC analysts, are a major component of the larger Google Unified Security platform, which offers protection tools across threat intelligence, security operations, cloud security, and secure enterprise browsing.

The firm said at the Google Cloud Next conference that the AI-driven security agents are designed to lessen the strain on security operations centers, which are frequently overwhelmed by the volume of incident and alert data. Google believes that by automating routine tasks, AI will let human analysts concentrate on more sophisticated investigations and accelerate incident response.

The first tool, according to the company, is an alert triage agent embedded in Google Security Operations that will be available for preview with select customers in Q2 2025. The agent can immediately evaluate incoming security alerts, gather contextual data, review historical patterns, and reach a verdict on each one.

Google said the agent will provide a comprehensive record of its investigation, helping teams understand how it reached its decision.

The second tool, part of the Google Threat Intelligence suite, is a malware analysis agent programmed to automatically evaluate suspicious code. Google said this agent is designed to run deobfuscation scripts and explain its findings in order to determine whether the code is malicious. This agent is also scheduled for a Q2 2025 preview.

The plans for agentic AI security tooling follow Google's release of an experimental AI model, developed with its Mandiant threat-intel unit, to assist incident response and threat analysis workflows.

The model, Sec-Gemini v1, is said to integrate Google's Gemini large language model with Google Threat Intelligence (GTI), the Open Source Vulnerability (OSV) database, and other internal resources.


In addition to the new AI agents, the company announced the general availability of Google Unified Security, a platform that combines data from networks, endpoints, clouds, and applications into a single accessible console. It promises automatic enrichment of security data with the latest Mandiant threat intelligence and faster detection and response times across various security tools.

Google also introduced new data pipeline management capabilities to help customers handle scale, along with a partnership with Bindplane to transform, filter, and route data. Mandiant Threat Defense, which combines AI-assisted methods with managed services, is also now available, according to the company.

Additionally, the company added expanded data masking and browsing controls covering Android devices, as well as enhanced employee phishing protections powered by Google Safe Browsing data, to the Chrome Enterprise Premium browser.
