Google Workbench Taps AI Tech for Next-Gen Cybersecurity

Generative AI for cybersecurity is an emerging category with Google an early entrant. At this week’s RSA Conference 2023 in San Francisco, Google unveiled Cloud Security AI Workbench, a toolkit powered by a customized AI language model called Sec-PaLM that is “fine-tuned for security use cases.” Accenture is the first client to sign up for Workbench. Google also announced it is combining its Google Cloud and Mandiant ecosystems to offer a turnkey solution to ward off threats “from incident response through proactive defense,” drawing on integrations from more than 100 leading cybersecurity vendors.

Mandiant was a $5.4 billion Google purchase in 2022. The Alphabet company previously acquired VirusTotal, which aggregates online scan engines, in 2012, folding it into its cloud-native Chronicle unit.

“As an organization that’s been on the frontlines of some of the most impactful breaches, we recognize that the fight against persistent, global adversaries requires a united defense,” Kevin Mandia, CEO of Mandiant, Google Cloud, said in an announcement.

In addition to signing up for Workbench, Accenture is expanding on its five-year-old Google partnership to add Google Cloud technologies to its managed detection and response (MxDR) security service, “bringing customers a comprehensive security service inclusive of Chronicle security operations and Mandiant Intelligence and Consulting offerings,” per a Google press release.

Google Cloud Security AI Workbench details a prolific new toolset in a blog post that says the suite is engineered to “uniquely address three top security challenges: threat overload, toilsome tools, and the talent gap.” Google posits that “most people who are responsible for security — developers, system administrators, SRE, even junior analysts — are not security specialists by training,” and for them, Workbench AI will make life easier thanks to Sec-PaLM.

Chronicle customers can use Chronicle AI “to search billions of security events and interact conversationally with the results, ask follow-up questions, and quickly generate detections, all without learning a new syntax or schema.”

Security Command Center AI will translate complex attack graphs to human-readable explanations of attack exposure, including impacted assets and recommended mitigations. It will also provide AI-powered risk summaries for security, compliance and privacy findings for Google Cloud.

Google says it is using generative AI to “supercharge security,” and TechCrunch attests the Workbench teems with “bold ambitions,” pointing out that “VirusTotal Code Insight, the first tool in the Cloud Security AI Workbench, is only available in a limited preview at the moment.” Google “plans to roll out the rest of the offerings to ‘trusted testers’ in the coming months.”

“As you’re generating your infrastructure, there’s an auto-generated security policy, security control, or security config that goes along with that,” Google Cloud VP engineering Eric Doerr explained to VentureBeat. “That’s one example that we’re working on that we think will be transformative in the world of security operations and security administration.”

No Comments Yet

You can be the first to comment!

Leave a comment

You must be logged in to post a comment.