Artificial intelligence tools are used to carry out cyberattacks. How to defeat them? By using AI, says Google.
On Tuesday at Google Next, the tech giant’s annual conference held at the Moscone Center in San Francisco, Google showcased new AI-powered solutions aimed at improving the cybersecurity capabilities of security solutions and enterprise cloud computing.
According to Sunil Potti, CEO of Google Cloud Security, the company wants to “address security challenges: the exponential growth of threats, the time it takes security teams to achieve desired results, and the chronic shortage of talent in the field. of security”.
One way to address these challenges is to use AI as part of a “holistic approach,” says Potti, and equip IT security teams with technologies that speed up processes, improve detection threats and accelerate existing workflows. Enough to give defenders the time and space they need to focus on tasks that require the attention of a human operator.
Here’s everything to know about Google’s security enhancements at the Google Next 2023 conference and expanded Duet AI capabilities, all of which are at the heart of the new security offerings.
What is Duet AI?
Introduced in Google Workspace and Google Cloud, with new features announced on Tuesday, Duet AI is an “AI collaborator” that provides assistance including writing assistance, improving spreadsheets, taking notes, And many more. In the cloud, Duet AI focuses on code development assistance, natural language processing, and application development.
During the Google Next conference, the company presented new features related to the security of the AI tool.
Duet AI in Mandiant Threat Intelligence
Google
Duet AI has been integrated into a number of products used by cloud security teams, the first of which was Mandiant Threat Intelligence.
Mandiant Threat Intelligence is a service that compiles threat data, including tactics, techniques, and procedures (TTPs) used by cybercriminals. Automatically generated summaries can provide security teams with data about adversaries and their techniques, which can help defenders make decisions to secure their networks. Duet AI will accelerate these functions and make it easier to integrate threat intelligence into SOC workflows.
Duet AI in Mandiant Threat Intelligence is available in preview now and will be available this year.
Duet Al in Chronicle Security Operations
Google
Duet Al is now available in Chronicle Security Operations, Google’s Security Operations Center (SOC).
The AI system will focus on streamlining certain threat detection and security practices, again providing automatically generated summaries based on important threats and contextual data, along with response recommendations.
One particularly interesting feature of the Duet AI integration is how natural language processing is used. According to Google, Duet AI will improve Chronicle’s natural language search, allowing questions to be entered, of which Chronicle will generate queries and “present a fully mapped syntax for search, and allow rapid refinement and iteration over results. “.
Duet Al in Chronicle Security Operations is now available in preview and should be generalized this year.
Duet Al in Security Command Center
Google
Duet Al is also integrated with Google Cloud’s Security Command Center, a security and risk management solution for Google Cloud customers. The security solution can be used to uncover misconfigurations, a common problem that allows unauthorized access and causes risk of data breaches. What better to protect Google Compute Engine, Google Kubernetes Engine, BigQuery, or CloudSQL.
From now on, Duet AI will be offered for “near-instantaneous” analysis of security issues and potential attack paths. Google says the introduction of AI into the Security Command Center will reduce threat analysis work, with summaries allowing focus on remediation and preventing “critical findings” from being overlooked.
Additionally, Google is adding Tenable’s agentless vulnerability scanning to its security solution.
Mandiant Hunt for Chronicle
Additionally, Google introduced Duet Al in Mandiant Hunt for Chronicle Security Operations, which is now available for preview.
Google completed the acquisition of Mandiant, a threat intelligence and cybercrime company, in 2022. Since then, Mandiant’s capabilities have been merged with Google’s technologies, and the inclusion of DuetAI in Mandiant Hunt is the latest improvement.
According to Google, Mandiant Hunt, a managed service, “now integrates Mandiant’s intelligence and expertise with Google Cloud technology to hunt for undetected attacks.” The introduction of AI can help defenders detect more threats to their organizations, including new attack methods, through the detection of malicious behavior patterns and the combination of old security data and new telemetry data.
This is what Google says about it:
“Mandiant Hunt for Chronicle enables Mandiant experts to perform continuous threat hunting on Chronicle data to expose attacker activities and reduce business impact. It incorporates the latest behavioral insights from attackers provided by Mandiant’s front-line experts to the powerful security data analysis and research capability of Chronicle Security Operations. Mandiant Hunt for Chronicle can help organizations close their skills gap and benefit from a top-notch support without having to incur the cost of hiring, tooling and training.
Source: “ZDNet.com”