At Google Cloud Next, Google Cloud announced Google Unified Security, new security agents, and security portfolio advances to improve security and enable every enterprise to use Google for security.
Introducing Google Unified Security
Enterprise infrastructure grows in size and complexity, increasing the attack surface and making defenders’ tasks harder. Separate, disconnected security tools fragment data without context, leaving firms exposed and reactive to rising threats. Security teams function in silos with delayed workflows, making it difficult to assess and improve the organization’s risk profile.
The best-in-class threat intelligence, security operations, cloud security, and safe enterprise browsing solutions, together with Mandiant expertise, are being combined into Google Unified Security, an AI-powered integrated security solution.
Now widely available, Google Unified Security sets the standard for security. It creates an attack surface-wide, scalable, searchable security data fabric. It It allows network, endpoint, cloud, and app visibility, detection, and reaction. The latest Google Threat information is automatically added to security data for better detection and prioritization. Importantly, Google Unified Security improves every part of Gemini for practitioners.
Google Unified Security’s features include integrated product experiences like:
- Google Security Operations uses Chrome Enterprise telemetry and asset context to detect and remediate threats.
- Google Threat Intelligence used with security validation to identify exposures and verify security policies against recent threat actor activity.
- Security Command Center cloud risks and exposures, including AI workloads, enhanced with Google Threat Intelligence to better threat search and triage issues.
These integrated tools, powered by semi-autonomous AI, enable enterprises to predict attacks and mitigate risks before attackers can inflict commercial damage or loss.
Security agents and Gemini
Agentic AI is transforming security operations. Intelligent agents will assist human analysts with ordinary chores, improve their decision-making, and free them to focus on complex topics. Gemini in Security agents are new today:
- Google Security Operations alert triage agents conduct dynamic user investigations. This agent, expected to preview for select clients in Q2 2025, examines each alert’s context, accumulates pertinent information, and renders a verdict, along with a history of evidence and decision making. This always-on investigation agent will greatly minimize Tier 1 and Tier 2 analysts’ manual effort of triaging and investigating hundreds of warnings every day.
- Google Threat Intelligence malware analysts assess code safety. This agent, expected to preview for select clients in Q2 2025, examines harmful code and can generate and run deobfuscation scripts. Agent summarizes work and gives final conclusion.
These agentic AI advances aim for faster detection and response, full visibility, and optimized workflows. They enable security teams to cut toil, build cyber-resilience, and revolutionize strategic programs.
What’s new in Google Security Operations
Customers may now manage size, costs, and compliance with new data pipeline management features. Expanding Google Cloud cooperation with Bindplane, you can now process and prepare data for downstream usage, route data to numerous destinations and tenants to manage scalability, filter data to reduce volume, and redact sensitive data for compliance.
Google Security Operations now offers complete active threat detection, hunting, and response with Mandiant Threat Defense. Mandiant professionals supplement customer security teams by employing AI-assisted threat hunting to discover and respond to attacks, investigate, and scale response through security operations SOAR playbooks.
What’s new in Security Command Center
The introduced AI Protection for Google Cloud customers to manage AI risk throughout the lifecycle. AI Protection finds AI inventories, secures AI models and data, and detects and responds to AI threats.
Model Armor, accessible as part of AI Protection, lets you apply content safety and security rules to prompts and responses for many models across many clouds. Vertex AI and Model Armor are now connected so developers can automatically route prompts and responses for protection without application changes.
New Data Security Posture Management (DSPM) features, previewing in June, can discover, secure, control, and monitor sensitive data, including AI training data. DSPM can find and classify sensitive data, apply data security and compliance controls, monitor for violations, and enforce access, flow, retention, and protection in Google Cloud data analytics and AI products.
The end-of-June preview of a new Compliance Manager will streamline policy formulation, control configuration, enforcement, monitoring, and audit. Audit Manager makes it easy for Google Cloud users to monitor, report, and certify compliance to auditors by building on Assured Workloads infrastructure controls.
Other Security Command Center improvements:
- Early integration with Snyk’s developer security platform to help teams uncover and patch software vulnerabilities faster.
- Recently released Google Compute Engine and Google Kubernetes Engine Security Risk dashboards provide insights into top security findings, vulnerabilities, and open issues directly in the product consoles.
Google Cloud Risk Protection Program, which discounts cyber-insurance based on cloud security, is expanding. It excited to join with Beazley and Chubb, two of the world’s largest cyber-insurers, to provide client choice and international coverage.
The partners offer positive AI insurance for Google Cloud users and workloads as part of the initiative. Chubb will be proactive in covering quantum exploits and quantum computing assaults.
What’s new in Chrome Enterprise
Chrome Enterprise Premium now protects employees from lookalike sites and portals trying to steal passwords using Google Safe Browsing data. To detect internal domain phishing attempts, organizations can now configure and add their own branding and corporate assets.
Chrome’s easy and effective data protections assist organizations. Chrome Enterprise Premium now includes data masking, watermarking, screenshot blocking, copy, paste, upload, download, and printing restrictions. Enterprise browsing protections like copy and paste controls and URL filtering are coming to Android.
News from Mandiant Cybersecurity Consulting
Mandiant Retainer experts are available on demand with pre-negotiated terms and two-hour incident response times. Customers can now redeem pre-paid monies for research, education, and intelligence to improve their skills and resilience.
Mandiant Consulting is working with Rubrik and Cohesity to reduce cyberattack downtime and recovery expenses. Mandiant experts and data backup and recovery partners may help customers create, test, and validate a Google Cloud cloud-isolated recovery environment (CIRE) for important applications and provide incident response services in the event of a compromise.
What’s new for Trusted Cloud
The regularly add security controls and features to Google Cloud platform to help enterprises meet policy, regulatory, and business goals. The following updates are announced today:
For Sovereign Cloud:
Google Cloud offers the industry’s widest range of sovereign cloud solutions to address customers’ changing data, operational, and software sovereignty needs. Regional and Sovereign Controls are available in 32 regions in 14 countries on Google Cloud. Google Cloud Sovereign AI is available in public, sovereign, distributed, and Google Workspace clouds.
Partnership with Thales has launched the S3NS Trusted Cloud, now in preview, to fulfill France’s highest cloud certification, SecNumCloud, from the National Cyber Agency. It’s the first Google Cloud-based sovereign cloud provider operated, majority-owned, and fully controlled by a European entity.
For Identity and Access Management:
- In Q2, unified access policies will define IAM allow and IAM deny policies as a single specification, making fine-grained access controls more consistent.
- Managed Workload Identities, now in preview, lets you provision SPIFFE-based identities for workload-to-workload authentication utilizing mutual TLS. Workload Identity Federation with X.509 certificates is now available, strengthening workload authentication.
For data security
- Google Cloud Confidential Computing services are expanding. Confidential GKE Nodes with AMD SEV-SNP and Intel TDX will be available in Q2 without code changes to protect regular GKE workloads. GKE Nodes with NVIDIA H100 GPUs on the A3 machine series will preview in Q2 and allow secret GPU computing without code adjustments.
- Now fully accessible, Sensitive Data Protection discovery solution for Vertex AI and Azure Storage allows continuous data asset monitoring and interaction with Security Command Center’s virtual red teaming and AI Protection. It also announced Dataplex V2 support and preview data-in-motion scanning with Cloud Load Balancing and Secure Web Proxy.
- Single-tenant Cloud Hardware Security Module (HSM), under preview, gives users full administrative control over Google Cloud-managed, isolated HSM clusters.
To secure networks:
- Network Security Integration lets companies protect Google Cloud workloads with third-party network appliances and service deployments without changing routing policy or network architecture. Out-of-band ecosystem partner integrations are generally available, while in-band integrations are in preview.
- DNS Armor, powered by Infoblox Threat Defense, will preview later this year and detect DNS-based threats using multi-sourced threat intelligence and sophisticated AI/ML.
- Hierarchical policies for centralized control and automatic protection of new projects are showcased in Cloud Armor Enterprise.
- Later this year, Cloud NGFW Enterprise will preview L7 domain filtering to monitor and restrict egress web traffic to approved destinations.
- In preview, Secure Web Proxy (SWP) integrates Google’s Sensitive Data Protection and Symantec DLP service extensions for inline network data loss protection.
Next step
These announcements only scratch the surface of what it can achieve by combining security, AI, and frontline intelligence.
In today’s threat landscape, choosing a strategic security partner is crucial, and Google Unified Security is the best, easiest, and fastest method to add Google to your security team.