Stay organized with collections
Save and categorize content based on your preferences.
Gemini in Security Command Center, which is a product in the
Gemini for Google Cloud portfolio, provides
the following assistance with cloud security and enterprise security operations:
Generate UDM search queries from natural language questions.
Gemini in Security Command Center can translate simple
natural language questions about your threat data into UDM Search
queries that you can run against UDM events.
Summarize cases. The AI Investigation widget looks at a
whole case (alerts, events, and entities) and provides you with an
AI-generated case summary of how much attention the case might require.
The widget also helps you better understand the security issue by
summarizing the alerts and by providing recommendations for the next
steps you can take to remediate the issue.
The following table shows the Gemini features in
Security Command Center:
Task
Type of assistance
Product documentation
Generate UDM Search queries for threats with natural language questions
Translate a natural language question into a UDM Search
query that you can run against UDM events for threat investigations.
Natural language search for threat investigations
Summarize cases
Provide an AI-generated summary of how much attention the
case might require.
Summarize the alerts data to understand the risk.
Recommend steps for remediation of the issue.
AI Investigation widget for cases
Where to interact with Gemini in Security Command Center
You can find the Gemini features in the Premium and Enterprise
tiers of Security Command Center.
Case AI summaries
If you are using the Enterprise tier of Security Command Center, you can
find the AI Investigation widget that displays the AI summaries for
cases under the Case Overview tab on the Cases page in the
Security Operations console.
UDM search queries from natural language questions
If you are using the Enterprise tier of Security Command Center, you can enter
your natural language questions about your threat data on the SIEM search page,
which you can find in the Investigations menu.
Set up Gemini in Security Command Center
Case AI summaries and UDM search queries are included in Security Command Center
Enterprise tier.
No additional setup steps are required.
What's next
See the latest enhancements and fixes in
release notes.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-03 UTC."],[[["\u003cp\u003eGemini in Security Command Center can translate natural language questions about threat data into UDM Search queries for investigations.\u003c/p\u003e\n"],["\u003cp\u003eThe AI Investigation widget in Security Command Center provides AI-generated case summaries, assessing the required level of attention and offering remediation steps.\u003c/p\u003e\n"],["\u003cp\u003eGemini features, including case summaries and UDM search queries, are available in the Premium and Enterprise tiers of Security Command Center.\u003c/p\u003e\n"],["\u003cp\u003eThe AI Investigation widget can be found on the Cases page within the Case Overview tab, and natural language UDM search queries can be input on the SIEM search page.\u003c/p\u003e\n"]]],[],null,["# Gemini in Security Command Center, which is a product in the\n[Gemini for Google Cloud](/gemini/docs/overview) portfolio, provides\nthe following assistance with cloud security and enterprise security operations:\n\n- **Generate UDM search queries from natural language questions**.\n Gemini in Security Command Center can translate simple\n natural language questions about your threat data into UDM Search\n queries that you can run against UDM events.\n\n- **Summarize cases**. The AI Investigation widget looks at a\n whole case (alerts, events, and entities) and provides you with an\n AI-generated case summary of how much attention the case might require.\n The widget also helps you better understand the security issue by\n summarizing the alerts and by providing recommendations for the next\n steps you can take to remediate the issue.\n\nLearn [how and when Gemini\nfor Google Cloud uses your data](/gemini/docs/discover/data-governance).\n| As an early-stage technology, Gemini for Google Cloud\n| products can generate output that seems plausible but is factually incorrect. We recommend that you\n| validate all output from Gemini for Google Cloud products before you use it.\n| For more information, see\n| [Gemini for Google Cloud and responsible AI](/gemini/docs/discover/responsible-ai).\n\nFeatures\n--------\n\nThe following table shows the Gemini features in\nSecurity Command Center:\n\nWhere to interact with Gemini in Security Command Center\n--------------------------------------------------------\n\nYou can find the Gemini features in the Premium and Enterprise\ntiers of Security Command Center.\n\n### Case AI summaries\n\nIf you are using the Enterprise tier of Security Command Center, you can\nfind the **AI Investigation** widget that displays the AI summaries for\ncases under the **Case Overview** tab on the **Cases** page in the\nSecurity Operations console.\n\n### UDM search queries from natural language questions\n\nIf you are using the Enterprise tier of Security Command Center, you can enter\nyour natural language questions about your threat data on the SIEM search page,\nwhich you can find in the **Investigations** menu.\n\nSet up Gemini in Security Command Center\n----------------------------------------\n\nCase AI summaries and UDM search queries are included in Security Command Center\nEnterprise tier.\n\nNo additional setup steps are required.\n\nWhat's next\n-----------\n\n- See the latest enhancements and fixes in [release notes](/gemini/docs/release-notes).\n- Learn how [Gemini for Google Cloud uses your data](/gemini/docs/discover/data-governance).\n- Learn more about [Security Command Center](/security-command-center/docs/security-command-center-overview)."]]
