Expanding our Security AI ecosystem at Security Summit 2023

Organizations large and small are realizing that digital transformation requires a ground-up approach to modernize security. However, that digital transformation is being threatened by increasingly disruptive cyber risks and threats. At our annual Google Cloud Security Summit today, we’re sharing the latest insights into how the threat landscape is evolving and how innovations across our portfolio, including generative AI-driven capabilities, can help organizations around the world address their most pressing security challenges. 

We’ve recently announced the Google Cloud Security AI Workbench, an industry-first extensible platform powered by a specialized security large-language model (LLM), Sec-PaLM 2, as well as a partnership with Accenture to use Security AI Workbench to enhance their solutions. Today, we’re announcing that Broadcom, Crowdstrike, Egnyte, Exabeam, F5, Fortinet, Netskope, Securiti, SentinelOne, Sysdig, Tenable and Thales have committed to work with Google Cloud to bring AI-based security enhancements to their respective products.

Innovating in security with AI

Google is constantly evolving to stay ahead of threats. We’ve been working to integrate AI into our cybersecurity products and innovations since 2011 to help defend ourselves and our users, and just published our Security AI Framework outlining our principles and guidance on how to secure AI systems. Google Cloud Security AI Workbench is fine-tuned for security use cases and powers new offerings across our product portfolio that can help organizations better prevent threats, eliminate toil, and empower our collective talent to improve our security.

Empowering our security partner ecosystem with AI 

While we can supercharge our own products with AI and gain scale because they are cloud-based, we can also truly empower the industry by opening our platform to security partners who share our vision for how generative AI capabilities can meaningfully address the fundamental problems we all face. Security AI Workbench allows for partner plug-in integrations to bring in additional threat intelligence, workflow, and other critical security functionality to customers, and we’ve seen an outpouring of interest from our partner ecosystem in taking advantage of platform AI capabilities since our announcement.

Generative AI has the potential to reduce the toil of repetitive tasks that plague security teams, like aggregating and enriching data from a multitude of sources to gain a more complete understanding of risks and where to focus. 

Glen Pendley, chief technology officer at Tenable, said, “Tenable is excited to continue partnering with Google Cloud to combine our deep and extensive expertise in vulnerabilities and misconfigurations across the entire attack surface, with Google’s Security AI workbench, the first large language model built by security experts for security customers. This initiative will change the way that our joint customers protect their organizations and get ahead of security risk and exposure.” 

AI can also help address the chronic shortage of security talent by helping non-experts to secure assets without highly specialized domain knowledge or deep tools expertise. 

Alex Au Yeung, chief product officer, Symantec Enterprise Division, Broadcom, said, “Broadcom is working with Google Cloud to provide our customers with faster and more effective protections against an expanding threat landscape. Our continued collaboration will combine security AI innovations from Symantec and Google as we work to take advantage of generative AI capabilities in Google Cloud’s Security AI Workbench.”

You can learn more about our announced security partners’ AI efforts below.

Continuing the journey on cloud innovation and frontline intel

We’re also continuing to deliver new built-in products and features that can help make you safer in our trusted cloud and products that bring our leading security capabilities to on-premises environments and other clouds. Today at the Google Cloud Security Summit, we’re announcing the following updates: 

• Chronicle TDIR for Google Cloud: Threat detection, investigation, and response (TDIR) in the cloud requires different approaches, tools, and processes compared to an on-premise environment. Unfortunately, many organizations resort to a lift-and-shift approach rooted in their legacy security operations, which results in intensive efforts that often fail to deliver expected outcomes. Our cloud-based Chronicle Security Operations platform helps enable security teams to detect, investigate, and respond to cyber threats with the speed, scale, and intelligence of Google.
  
  We’re deepening the integration across our portfolio by introducing Chronicle TDIR for Google Cloud. Defenders can now get one-click ingestion of relevant cloud telemetry in Chronicle, and can detect cloud threats based on what Google knows, without the need for expert rule engineering. Chronicle will also correlate your cloud telemetry with intelligence that Chronicle sees so defenders can conduct more effective investigations, and significantly reduce response time through customizable playbooks.

• Security Command Center attack path simulation: Security Command Center Premium, our built-in security and risk management solution for Google Cloud, is adding attack path simulation. Attack path simulation gives defenders insight into their most valuable and most vulnerable resources by mimicking how a real-world attacker could exploit security gaps to access high-value assets. Security teams will be able to better pinpoint where and how they may be attacked so they can put in place the right preventative security controls. 
  
  Unlike other attack path tools that analyze static, point-in-time snapshots of an organization’s cloud footprint, Security Command Center dynamically assesses Google Cloud resources and the current state of defenses to reduce coverage gaps and help prioritize security remediation efforts. Forthcoming enhancements will use Security AI Workbench to translate complex attack graphs to human-readable explanations of attack exposure, including impacted assets and recommended mitigations.
  
  We also recently introduced our Cryptomining Protection Program offering up to $1 million of financial protection to Security Command Center Premium customers to help cover the compute expenses associated with undetected cryptomining attacks.

• Secure Web Proxy: This new cloud-based service can help monitor and secure egress web traffic. It enables organizations to better enforce granular access policies, limiting egress based on source identity, destination, or request types. It also allows organizations to monitor access to untrusted web services and investigate security events and incidents involving egress web traffic to the Internet. Unlike existing solutions, Secure Web Proxy doesn't have virtual machines (VMs) to set up and configure, doesn't require software updates to maintain security, and offers elastic scaling.

• reCAPTCHA Enterprise Fraud Prevention: To better secure financial transactions on applications and websites by preventing fraud with holistic bot management, account takeover, and online fraud detection, reCAPTCHA Enterprise now has a dedicated fraud prevention solution. reCAPTCHA Enterprise Fraud Prevention can help protect payment transactions by identifying targeted manual attacks and large-scale fraud attempts. It automatically trains fraud models based on behavior and transaction data to identify events that are likely fraudulent and could cause a dispute or chargeback if accepted.

• Apigee Advanced API abuse detection: New capabilities for Apigee’s Advanced API Security that can detect security threats and API misconfigurations. Currently in public Preview, the new API abuse detection dashboards use ML models which have been trained on a large corpus of API traffic, honed over years of learning, and used to protect Google’s public-facing services. Using these dashboards, customers can now uncover critical API abuse incidents – even business logic attacks, scraping, and anomalies – without alert fatigue or overheads.

• Passkeys support for Google Cloud and Google Workspace accounts: Passkeys are a simpler and more secure alternative to passwords that allows users to sign in with a fingerprint, face recognition, or other screen-lock mechanism across apps on phones, laptops, or desktops. In an open beta, more than 9 million organizations can allow their users to sign in to Google Workspace and Google Cloud accounts using passkeys instead of passwords.

Growing momentum with security ecosystem partners to add AI to their products

We are proud to announce that in addition to Broadcom and Tenable, 10 more partners have agreed to bring AI-based security enhancements to their respective products.

CrowdStrike: “Security leaders are uniting to deliver the most innovative AI intelligence for cyberdefense,” said Daniel Bernard, chief business officer at CrowdStrike. “CrowdStrike is proud to partner with Google Cloud on this important AI initiative to deliver cybersecurity’s platform of choice that stops breaches.”

Egnyte: “The acceleration of generative AI in recent weeks has allowed Egnyte to bring customers new solutions to better manage and secure their content. We are excited to combine Google Cloud’s AI capabilities with Egnyte’s content to provide customers with self-service tools to classify documents, synthesize security datasets and extract answers from complex documents in a privacy-first manner," said Amrit Jassal, co-founder and chief technology officer at Egnyte.

Exabeam: “We’re excited to be partnered with Google Cloud in today’s AI-driven revolution,” said Adam Geller, chief product officer, Exabeam. “Combining Google’s leading AI capabilities with Exabeam’s own machine learning and AI-based initiatives will benefit our New-Scale SIEM customers by making security more efficient and effective for everyone responsible for protecting their organizations.”

F5: “F5 takes advantage of Google Cloud’s AI capabilities to drive our Distributed Cloud Bot Defense service. F5's SOC and Data Science teams add our own unique data insights to deliver class-leading functionality which enables our customers to defend against the Internet's most sophisticated automated threats. Our teams are evaluating how Google’s new Vertex AI and the tools in Generative AI Studio will improve customer experience and make service delivery teams more efficient,“ said Brian A. McHenry, vice president, Web Application and API Security at F5.

Fortinet: “At Fortinet, we understand the positive impact AI has on cybersecurity and threat prevention, which is why we built AI-powered security into our industry-leading solutions—including our offerings for Google Cloud-based environments. We’re excited to explore ways we can leverage the Google Cloud AI platform to support our joint customers,” said John Maddison, EVP of Products and CMO at Fortinet.

Netskope: “Enterprise teams can encourage the responsible use of generative AI applications if they have the right controls in place,” said John Martin, chief product officer, Netskope. "Netskope today offers the most comprehensive data protection capabilities for safely enabling the use of generative AI. We are proud to continue to work with Google Cloud AI to drive the right outcomes for AI’s role in security and networking."

Securiti: “AI has been foundational to Securiti.ai’s Data Controls Cloud, a solution that enables organizations to leverage the incredible power of their data by providing automated and unified data controls. Google’s leading capabilities in AI, along with its Security AI Workbench, would enable further advances in the data controls for security, privacy, governance and compliance,” said Rehan Jalil, CEO, Securiti.

SentinelOne: "We are very pleased to join forces with Google to once again transform enterprise security,” said Gregor Stewart, vice president of AI at SentinelOne. “By deeply integrating generative AI technology into our platform, we will enable customers to more effectively protect their operations today and lay the foundation to defeat coming threats."

Sysdig: “We see the tremendous potential that AI can make in up-leveling developer and security teams. We applaud Google Cloud's AI leadership, and like Google, we believe that AI can help up-level developer and security teams. In the event of an attack, AI can help everyone better communicate and leap-frog threat actors who are also racing to use AI for their own ill-gotten gains. We're excited to leverage Google Cloud's AI capabilities with our unique runtime insights," said Loris Degioanni, CTO and founder of Sysdig.

Thales: “Managing risk has grown in complexity as more organizations store their sensitive information in the cloud — often without encryption or full visibility into where that data lives. Through this collaboration, Google’s leading AI capabilities will further enhance the performance of Thales CipherTrust Intelligent Protection, which aims to solve these challenges through the discovery and classification of sensitive information,” said Todd Moore, vice president of Encryption Products at Thales. “Together, these technologies will allow for powerful, AI-backed features that automate fundamental tasks for customers and ultimately ensure their sensitive data in the cloud remains within established and secure premises.” 

Learn more at Google Cloud Security Summit

You can learn more about our announcements by attending the Google Cloud Security Summit, which runs today and on-demand afterwards. We look forward to helping make your organization, employees, and customers safer with Google, in the industry’s most trusted cloud or wherever your critical assets reside.