GCP – Announcing new capabilities for enabling defenders and securing AI innovation
AI presents an unprecedented opportunity for organizations to redefine their security posture and reduce the greatest amount of risk for the investment. From proactively finding zero-day vulnerabilities to processing vast amounts of threat intelligence data in seconds to freeing security teams from toilsome work, AI empowers security teams to achieve previously unseen levels of defense and efficiency.
Today, at Google Cloud Security Summit 2025, we’re sharing details around new capabilities designed to help you secure your AI initiatives, and to help you use AI to make your organization more secure.
Securing AI innovation: Protecting your entire AI ecosystem
As organizations increasingly use AI agents across diverse environments, securing agents becomes a paramount concern. Existing capabilities in Security Command Center’s AI Protection solution such as Sensitive Data Protection can help discover and redact sensitive data used with agents to mitigate data poisoning, while Model Armor can help screen agent, tool, and MCP server interactions to mitigate threats such as prompt injection and tool poisoning.
To further protect AI agents, we are excited to share three new capabilities that will help organizations secure agentic AI in Google Agentspace and Google Agent Builder.
Expanded AI agent inventory and risk identification: We’re adding new capabilities for automated discovery of AI agents and Model Context Protocol (MCP) servers in Security Command Center. This update, available later in preview, can help security teams automatically identify vulnerabilities, misconfigurations, and high-risk interactions across their AI agent ecosystem.
Advanced in-line protection and posture controls for AI agents: We’re extending Model Armor’s powerful in-line protection to Agentspace prompts and responses, available today in preview. It can enable real-time safeguards against runtime threats such as prompt injection, jailbreaking, and sensitive data leakage for agent interactions. We’re also introducing specialized posture controls tailored for AI agents in Agentspace and Agent Builder. These controls, available later in preview, can help agents adhere to security policies and organizational standards.
Proactive threat detection and management for agentic AI: Building on Google Cloud’s robust threat detection capabilities, we’re adding new threat detections for AI agents, available now in Security Command Center. Using frontline intelligence from Mandiant and Google, these new detections can help organizations enhance incident response for risky behaviors and external threats such as surfacing anomalous and suspicious behavior on agent assets.
An integrated experience to discover, secure, and manage AI assets.
The Agentic SOC: Empowering defenders with AI in Google Security Operations
We’ve introduced our vision of an agentic security operations center (SOC) that includes a system where agents can coordinate their actions to accomplish a shared goal. By offering proactive, agent-supported defense capabilities built on optimizing data pipelines, automating alert triage, investigation, and response, the agentic SOC can streamline detection engineering workflows to address coverage gaps and create new threat-led detections.
How agents can enhance security operations centers with Google Security Operations.
Alert Investigation agent, now in preview: Starting today, organizations can use the agent to autonomously enrich events, analyze CLIs, and build process trees based on the best practices of Mandiant’s human frontline analysts. First announced at Google Cloud Next 2025, the agent’s verdicts on alerts are accompanied by next-step recommendations for human intervention, and can drastically reduce manual effort while shrinking response times.
A demonstration of how our alert investigation and triage agent operates.
Expert guidance on the secure adoption of AI with Mandiant
As more organizations lean into using generative and agentic AI, we’ve seen a growing need for AI security consulting. Mandiant Consulting experts often encounter customer concerns for robust governance frameworks, comprehensive threat modeling, and effective detection and response mechanisms for AI applications, underscoring the importance of understanding risk through adversarial testing.
Building on our existing offerings, Mandiant Consulting now provides risk-based AI governance, pre-deployment guidance for AI environment hardening, and AI threat modeling. Partnering with Mandiant can empower organizations to embrace AI technologies while mitigating security risks.
What’s new in Google Unified Security
Mandiant’s expert-led services can help organizations build a strong foundation for their security programs. To use this strategic guidance to defend against threats with speed and intelligence, organizations require a unified platform. That’s where Google Unified Security — our converged solution that brings together the best of Google’s security offerings, supercharged by Google Gemini and built on a planet-scale security fabric — comes in.
New dashboards in Google Security Operations showcasing the native integration of SOAR data.
Here’s what’s new in Google Unified Security:
In Google Security Operations, the new SecOps Labs offers early access to the latest capabilities in Google Security Operations, many engineered with Gemini AI. Today, you can access AI-powered experiments for parsing, detection, and response.
Also in Google Security Operations, new dashboards, now generally available, showcase the native integration of SOAR data. Built with valuable feedback from early customer preview access, we help you visualize, analyze, and act on your security data.
In Chrome Enterprise, recent capabilities help boost secure enterprise browsing on mobile by bringing many of the benefits that Android business users have already experienced to Chrome on iOS. Employees can now more easily switch between their work and personal Google Accounts in Chrome, with all work-related browsing kept separate.
We’ve also extended powerful Chrome Enterprise browsing protections to Android and iOS, including URL filtering on iOS. This can empower organizations to block access to unapproved websites, such as specific gen AI sites to help reduce shadow AI risks. Additionally, enhanced reporting capabilities offer detailed insights into security events and browser activity across all mobile devices, sending this data to their preferred security investigation tools or SIEMs.
What’s new in Trusted Cloud
We continue to enhance our security capabilities and controls on our cloud platform to help organizations secure their cloud environments and address evolving policy, compliance, and business objectives. Today we’re announcing the following updates:
Security Command Center:
- Compliance Manager, now in preview, unifies policy definition, control configuration, enforcement, monitoring, and evidence generation for auditing to streamline the security, privacy, and compliance workflows on Google Cloud. Additionally, new recommended AI controls automate AI workload compliance through built-in baselines, AI-specific controls, reporting, and continuous monitoring.
- Data Security Posture Management, now in preview, provides governance for security and compliance of sensitive data. Newly-available native integration with BigQuery Security Center allows data professionals to monitor their data security and compliance posture directly in their BigQuery console without context switching.
- Risk Reports, now in preview, highlight and summarize unique cloud security issues that can put an organization at risk of attack. Powered by Security Command Center’s virtual red team technology, new risk reports can be used by security teams and non-security teams alike to quickly pinpoint and remediate gaps in cloud defenses.
Identity and Access Management:
- Agentic IAM, coming later this year, will let our customers enable agent identities across cloud environments. With Agentic IAM, Google Cloud will auto-provision agent identities across all agent development runtimes and support broad credential types, authorization policies, and end-to-end observability.
- IAM role picker, available in preview, lets you grant least-privilege access using Gemini in IAM. You can now describe the desired action (or multiple actions) and Gemini instantly recommends the most appropriate, least-permissive role for human and non-human identities.
- Re-authentication for sensitive actions, available in preview, triggers re-authentication for highly-sensitive actions such as updating billing accounts. This will be enabled by default, and while you can opt out, we strongly recommend you keep it turned on to avoid unauthorized access and potential compromise of sensitive accounts.
Data Security:
- We’ve expanded Sensitive Data Protection to monitor Vertex AI, and AI-related assets in BigQuery and CloudSQL, inspect images for sensitive data like barcodes and license plate numbers, and detect AI and machine learning context models for medical records, financial invoices, and source code types.
- Cloud Key Management System Autokey in Cloud Setup, now generally available, can help customers who need customer-owned encryption keys to onboard more quickly with out-of-the-box alignment with recommended key management practices.
Network Security:
- Cloud NGFW’s tags have been expanded to org-scope tags with hierarchical support. Cloud NGFW for RDMA networks, now in preview, enables Zero Trust networking for high performance computing VPCs, including AI workloads in Google Cloud.
- Cloud Armor Enterprise support for hierarchical security policies and organization-scoped address groups is now generally available, helping with centralized control and automatic protection of new projects in Google Cloud. Cloud Armor also has updated inspection limits for WAF rules and added support for rate limiting by JA4 fingerprints and ASN-based threat intelligence for Media CDN.
Unlocking the potential of AI, responsibly
The innovations we’re sharing today at Google Cloud Security Summit 2025 demonstrate our commitment to making security an enabler of your business ambitions. By automating compliance, simplifying access management, and expanding data protection for your AI workloads, we’re helping you enhance your security posture with greater speed and ease. Further, by using AI to empower your defenders and meticulously securing your AI projects from inception to deployment, Google Cloud provides the comprehensive foundation you need to thrive in this new era.
We invite you to join our expert-led breakout sessions for in-depth discussions and practical insights on securing your AI journey, and be sure to attend the closing keynote to hear more about the latest Mandiant observations and our strategic vision for the future of AI security.
You can watch the full Google Cloud Security Summit opening keynote for more insights into AI breakthroughs and customer success stories.