Gemini in Security Command Center

Gemini in Security Command Center, which is a product in the Gemini for Google Cloud portfolio, provides the following assistance with cloud security and enterprise security operations:

  • Generate UDM search queries from natural language questions. Gemini in Security Command Center can translate simple natural language questions about your threat data into UDM Search queries that you can run against UDM events.

  • Summarize cases. The AI Investigation widget looks at a whole case (alerts, events, and entities) and provides you with an AI-generated case summary of how much attention the case might require. The widget also helps you better understand the security issue by summarizing the alerts and by providing recommendations for the next steps you can take to remediate the issue.

Learn how and when Gemini for Google Cloud uses your data. As an early-stage technology, Gemini for Google Cloud products can generate output that seems plausible but is factually incorrect. We recommend that you validate all output from Gemini for Google Cloud products before you use it. For more information, see Gemini for Google Cloud and responsible AI.

Features

The following table shows the Gemini features in Security Command Center, along with links to documentation:

| Task | Type of assistance | Product documentation |
| --- | --- | --- |
| Generate UDM Search queries for threats with natural language questions | Translate a natural language question into a UDM Search query that you can run against UDM events for threat investigations. | Natural language search for threat investigations |
| Summarize cases | Provide an AI-generated summary of how much attention the case might require. Summarize the alerts data to understand the risk. Recommend steps for remediation of the issue. | AI Investigation widget for cases |

Where to interact with Gemini in Security Command Center

You can find the Gemini features in the Premium and Enterprise tiers of Security Command Center.

Case AI summaries

If you are using the Enterprise tier of Security Command Center, you can find the AI Investigation widget that displays the AI summaries for cases under the Case Overview tab on the Cases page in the Security Operations console.

UDM search queries from natural language questions

If you are using the Enterprise tier of Security Command Center, you can enter your natural language questions about your threat data on the SIEM search page, which you can find in the Investigations menu.

Set up Gemini in Security Command Center

Case AI summaries and UDM search queries are included in Security Command Center Enterprise tier.

No additional setup steps are required.
