Artificial intelligence tools are used to carry out cyber attacks. How to defeat them? Using AI, Google claims.
On Tuesday, during Google Next, the annual conference of the technology giant held at the Moscone Center in San Francisco, Google presented new solutions based on AI, and aimed at improving the cybersecurity capabilities of the company’s security and cloud computing solutions.
According to Sunil Potti, CEO of Google Cloud Security, the company wants to “meet security challenges: the exponential growth of threats, the time it takes for security teams to achieve the desired results and the chronic shortage of talent in the security field”.
One way to address these challenges is to use AI as part of a “holistic approach,” says Potti, and equip IT security teams with technologies that speed up processes, improve threat detection and speed up existing workflows. This allows defenders to have the necessary time and space to focus on tasks that require the attention of a human operator.
Here’s everything you need to know about the security improvements Google made at the Google Next 2023 conference and the expansion of Duet AI’s capabilities, all of which are at the heart of the new security offerings.
What is Duet AI?
Introduced in Google Workspace and Google Cloud, with new features announced on Tuesday, Duet AI is an “AI collaborator” that provides assistance, including writing help, improving spreadsheets, note-taking, and much more. In the cloud, Duet AI focuses on code development support, natural language processing and application development.
At the Google Next conference, the company presented new features related to the security of the AI tool.
Duet AI in Mandiant Threat Intelligence
Duet AI has been integrated into a number of products used by cloud security teams, the first of which is Mandiant Threat Intelligence.
Mandiant Threat Intelligence is a service that compiles threat data, including tactics, techniques and procedures (TTP) used by cybercriminals. Automatically generated summaries can provide security teams with data about adversaries and their techniques, which can help defenders make decisions to secure their networks. Duet AI will accelerate these functions and facilitate the integration of threat intelligence into SOC workflows.
Duet AI in Mandiant Threat Intelligence is available now in preview and will be available this year.
Duet Al in Chronicle Security Operations
Duet Al is now available in Chronicle Security Operations, Google’s SOC (Security Operations Center).
The artificial intelligence system will focus on streamlining certain threat detection and security practices by also providing automatically generated summaries based on significant threats and contextual data, as well as response recommendations.
A particularly interesting feature of the Duet AI integration is the way natural language processing is used. According to Google, Duet AI will improve Chronicle’s natural language search, allowing questions to be entered, of which Chronicle will generate queries and “present a fully mapped syntax for the search, and will allow refining and iterating quickly on the results”.
Duet Al in Chronicle Security Operations is now available in preview and should be generalized this year.
Duet Al in Security Command Center
Duet Al is also integrated into the Google Cloud Security Command Center, a security and risk management solution for Google Cloud customers. The security solution can be used to discover misconfigurations, a common problem that allows unauthorized access and causes risks of data breaches. What better way to protect Google Compute Engine, Google Kubernetes Engine, BigQuery, or CloudSQL.
From now on, Duet AI will be offered for the “almost instantaneous” analysis of security problems and potential attack routes. Google claims that the introduction of AI in the Security Command Center will reduce the work of threat analysis, with summaries allowing to focus on remediation and prevent “critical results” from being overlooked.
In addition, Google adds Tenable’s agentless vulnerability analysis to its security solution.
Mandiant Hunt for Chronicle
In addition, Google has introduced Duet Al in Mandiant Hunt for Chronicle Security Operations, which is now available for preview.
Google completed the acquisition of Mandiant, a company specializing in threat intelligence and cybercrime, in 2022. Since then, Mandiant’s capabilities have been merged with Google’s technologies, and the inclusion of DuetAI in Mandiant Hunt is the latest improvement.
According to Google, Mandiant Hunt, a managed service, “now integrates Mandiant’s intelligence and expertise with Google Cloud technology to search for undetected attacks”. The introduction of AI can help defenders detect more threats to their organizations, including new attack methods, through the detection of malicious behavior patterns and the combination of old security data and new telemetry data.
This is what Google says about it:
“Mandiant Hunt for Chronicle allows Mandiant experts to perform a continuous threat hunt on Chronicle data in order to expose the activities of attackers and reduce the impact on the company. It integrates the latest information on the behavior of attackers provided by Mandiant’s front-line experts with the powerful security data analysis and search capability of Chronicle Security Operations. Mandiant Hunt for Chronicle can help companies fill their skills gap and benefit from high-level assistance without having to bear the costs of hiring, tooling and training.
Source: “ZDNet.com “