
Google Seeks to Make Cybersecurity Easier

The new product aims to combine Mandiant and VirusTotal with its Gemini AI model

For the longest time, discussions around generative AI have been split between those who describe it as the devil’s tool for disturbing the internet with fake photos and videos and those who believe it to be the greatest invention since sliced bread. Now, Google has launched a new cybersecurity product that makes threat reports easier to read and assess.

The new product is called Google Threat Intelligence and brings together the work done by its recent acquiree Mandiant as well as VirusTotal threat intelligence with the Gemini AI model wrapped around it. In a blog post, Google says its efforts were to contextualize and operationalize intelligence relevant to organizations.

The product uses the Gemini 1.5 Pro large language model, which reduces the time needed to reverse-engineer malware attacks. Google claims the model took just 34 seconds to analyze the code of the WannaCry virus that hacked into hospitals and companies around the world in 2017. What’s more, it also successfully identified a kill switch.

Google says it offers vast data and quick analysis

Co-authored by Sunil Potti, VP of Google Cloud Security, and Sandra Joyce, VP of Google Threat Intelligence, the blog takes pains to note that threat intelligence solutions faced two major challenges, viz., lack of a comprehensive view of the threat landscape and the excessive time and money that companies require to collect and operationalize the data and get value.

According to them, Google’s new offering combines the depth of Mandiant frontline expertise, the wider reach of the VirusTotal community, and the breadth of visibility that Google can deliver, based on billions of signals across devices and emails. “Google Threat Intelligence includes Gemini in Threat Intelligence, our AI-powered agent that provides conversational search across our vast repository of threat intelligence, enabling customers to gain insights and protect themselves from threats faster than ever before,” says the post.

“While there is no shortage of threat intelligence available, the challenge for most is to contextualize and operationalize intelligence relevant to their specific organization,” said Dave Gruber, principal analyst, Enterprise Strategy Group.

The culmination of Mandiant and VirusTotal

“Unarguably, Google provides two of the most important pillars of threat intelligence in the industry today with VirusTotal and Mandiant. Integrating both into a single offering, enhanced with AI and Google threat insights, offers security teams a new means to operationalize actionable threat intelligence to better protect their organizations.”

By combining its comprehensive view of the threat landscape with Gemini, Google has sped up threat research processes, augmented defense capabilities, and reduced the time it takes to identify and protect against novel threats. Customers can now condense large data sets in seconds, quickly analyze suspicious files, and simplify challenging manual threat intelligence tasks, the blog said.

Of course, the true test needs more time

Readers will recall that in 2022 Google bought Mandiant, the cybersecurity company that uncovered the 2020 SolarWinds cyber-attack against the US government. Google now plans to use Mandiant's experts to assess security vulnerabilities around AI projects. Through the Secure AI Framework, Mandiant will test the defenses of AI models and help in red-teaming efforts.

Of course, one must keep in mind that while AI models can do all of what Google says they can, there is also the invisible threat that these models could themselves fall prey to malicious actors. Things like data poisoning, which refers to adding bad code to the data AI models use, have been in vogue and have caused such models to fail when given specific prompts.

Also, Google isn’t the first off the blocks on AI-led cybersecurity: Microsoft’s Copilot for Security, which is powered by GPT-4, allows security professionals to ask questions about threats. Of course, one would have to wait till some cybercriminal strikes to understand which of these models are effective or whether both are part of yet another hype moment in the AI journey that started in the winter of 2022.