Google Cloud Security Summit 2025: New security features for defenders and secure AI innovations

August 20, 2025

Artificial intelligence (AI) is fundamentally changing the cybersecurity landscape. From detecting zero-day vulnerabilities to processing vast amounts of threat intelligence data to automating monotonous security tasks, AI enables unprecedented levels of efficiency and protection.

At the Google Cloud Security Summit 2025, Google unveiled new features that help businesses protect their AI initiatives and leverage AI for their own defence strategy.

Securing AI innovation: protecting the entire AI ecosystem

With the increasing adoption of agent-based AI, new threat scenarios such as prompt injection and tool poisoning are coming to the fore. Google is expanding its existing security solutions in Security Command Center (SCC) to address this. This includes a new feature for automated discovery of AI agents and MCP servers, which enables security teams to identify vulnerabilities, misconfigurations and high-risk interactions in the agent ecosystem more quickly. In addition, Model Armor’s in-line protection is now being rolled out in Agentspace, protecting interactions in real time from manipulation, data leaks or jailbreaking. Special posture controls are also being added to ensure that agents in Agentspace and Agent Builder comply with an organisation’s security policies. This is complemented by new threat detections in Security Command Center, which are based on intelligence from Mandiant and Google and specifically identify anomalous activity and risky behaviour by AI agents.

The agentic SOC: AI-powered security operations

Another highlight of the summit was the presentation of the vision for an agentic Security Operations Centre (SOC). This is a system in which AI agents work together in a coordinated manner to holistically optimise security processes. This new form of SOC relies on automated data pipelines, support for alert handling and the acceleration of analysis and response processes. Organisations can already use the new Alert Investigation Agent in preview mode. It automatically enriches events with contextual information, analyses command line commands and creates process trees based on Mandiant analysts’ best practices. The resulting assessments are supplemented with specific recommendations for action for security teams, significantly reducing manual effort and response times.

Mandiant consulting: Secure introduction of AI

With the growing use of generative and agentic AI, the need for robust governance and clear threat modelling is also increasing. Mandiant Consulting is responding to this with an expanded range of services. In addition to introducing risk-based governance frameworks, Mandiant helps companies harden their AI environments before they go live and offers consulting services for threat modelling and adversarial testing. The goal is to enable organisations to use new AI technologies responsibly without compromising security.

Google Unified Security: Consolidated platform with AI support

At the same time, Google is pushing ahead with the consolidation of its security ecosystem in the Unified Security Platform, which is supported by Gemini AI. The new SecOps Labs give users early access to AI-based experiments for parsing, detection and response. In addition, new dashboards have been introduced in Google Security Operations, enabling deeper integration of SOAR data and significantly improving analysis and response capabilities. Chrome Enterprise has also been expanded: in addition to the introduction of seamless separation of work and personal accounts in Chrome for iOS, businesses benefit from enhanced protection mechanisms on iOS and Android, including URL filtering and detailed reporting capabilities. These measures are designed to mitigate the risks posed by uncontrolled use of generative AI services (‘shadow AI’).

Trusted Cloud: Improved security controls

At the platform level, Google introduced numerous innovations in the area of Trusted Cloud. The new Compliance Manager, currently available in preview, unifies the definition of policies, the configuration of controls, and the monitoring and auditing of AI workloads. In addition, the new Data Security Posture Management enables direct monitoring of the security status of sensitive data in BigQuery without the need to switch between tools. With the newly introduced Risk Reports, Google also provides a tool based on the simulation of attack scenarios by virtual red teams, which quickly provides companies with concrete information about vulnerabilities.

In the area of identity and access management, Agentic IAM has been announced, which facilitates the introduction of agent-based identities and supports automatic provisioning across different runtime environments. Also new is the IAM Role Picker, which uses Gemini to recommend tailored, minimally privileged roles for both humans and AI agents. Mandatory re-authentication will be introduced for sensitive actions to prevent misuse and unauthorised access.

There are also improvements in the protection of sensitive data. Sensitive Data Protection has been extended to Vertex AI, BigQuery and CloudSQL and now also offers image analysis for barcodes or vehicle registration plates and the detection of special AI models for medical or financial data. In addition, the Cloud Key Management System Autokey simplifies the use of customer-managed keys with immediate support for recommended best practices. In the area of network security, Google is introducing enhancements to Cloud NGFW and Cloud Armor, including zero-trust networks for high-performance workloads and improved WAF inspection.

Conclusion: Security as a driver of innovation

The innovations presented at the summit underscore Google’s commitment to positioning security not as a barrier but as an enabler for AI innovation. With a combination of automated compliance, AI-powered threat detection, governance consulting and a unified security ecosystem, Google Cloud is laying the foundation for secure digital transformation in the AI era.

Companies looking to secure their AI journey can benefit equally from the technologies presented and Mandiant’s expertise – whether through proactive threat detection, governance frameworks or the introduction of an agentic SOC.

Based on an article on Google Cloud by Jon Ramsey, VP & GM, Google Cloud Security.
