Google’s Defense Platform Leans on AI to Protect Against Fountier AI Threats
The rise of frontier AI models like Anthropic’s Claude Mythos Preview has put a spotlight on the rapidly shrinking time between when a vulnerability is found and when an organization can patch it. Such models can quickly detect security flaws and rapidly generate exploits for them.
The machine-speed at which all of this is done is outpacing what human security teams can do, pushing IT and security vendors to develop AI-driven solutions that use agents to do the work of finding software bugs and developing and applying fixes, essentially using AI to combat AI-based threats.
“The collapse of the exploit window has made one thing clear: Human-speed vulnerability management is no longer a viable strategy for enterprise risk,” Francis deSouza, chief operating officer of Google Cloud and president for security products, wrote this week in announcing Google AI Threat Defense. “The era of machine-speed attacks demands an autonomous, continuous defense.”
Google Cloud is using an all-of-company approach, combining capabilities of its Gemini AI models and those of other vendors with Wiz (the $32 billion acquisition closed two months ago), Mandiant and CodeMender code security agent for an automated security system that uses AI agents at every stage of the vulnerability lifecycle, from preparing an organization’s foundation for machine-speed response to scanning, remediating, and continuous monitoring.
‘AI is Rewriting the Rules’
“AI is rewriting the rules of cybersecurity,” deSouza wrote. “By combining the expertise of Mandiant and Wiz with the advanced reasoning and code-generation capabilities of Gemini, we’re automating defense at scale for customers. We’re deploying LLM-powered analysis to help autonomously discover software flaws, and AI agents across Wiz and CodeMender to validate risk, generate fixes, and support remediation workflows before vulnerabilities can be exploited.”
Anthropic’s announcement of Mythos last month rattled the AI and security sectors. Mythos demonstrated remarkable capabilities in detecting and identifying vulnerabilities, some that had been present but undiscovered for years. At the same time, it can quickly spin up exploits.
Such capabilities convinced Anthropic to limit the release of the model to a few dozen companies to use to create stronger cyber defenses as part of Project Glasswing, though the AI vendor has since said it is letting members more broadly share what they’ve developed.
Using AI to Fight AI
Some of those that were part of Glasswing are now coming out with programs based in part on their work with the project aimed at helping enterprises protect themselves from the threats arising from Mythos and other frontier models.
IBM and Red Hat this week announced Project Lightwell, a $5 billion initiative to help enterprises secure their open source software environments from frontier AI models. Meanwhile, CrowdStrike unveiled Project QuiltWorks, a coalition that includes the likes of IBM Cybersecurity Services, OpenAI, and Accenture to address the cyberthreat of frontier models.
Google Looks to the Integration Layer
Most IT and cybersecurity vendors agree the exploit window has collapsed past human-speed patching, according to Mitch Ashley, vice president and practice lead for software lifecycle engineering at The Futurum Group.
“Google’s distinct bet is owning the integration layer that binds cloud exposure, threat intelligence, code remediation, and reasoning into one stack, [which is] harder to execute than to announce,” Ashley told Security Boulevard. “Whether teams trust autonomous patching depends on the evidence layer tying each AI-generated fix to the model, context, and validation that produced it.”
He added that “that layer is early, and it bounds how much patching autonomy teams can responsibly grant.”
The debate in the cybersecurity industry about what AI-accelerated attacks mean in practice for enterprise defense is being sped up by the “breakneck pace” of security-focused releases from foundation labs, Ashley and Fernando Montenegro, vice president and practice lead for cybersecurity and resilience at The Futurum Group, wrote in a report.
“That said, enterprises are looking for the flip side of this conversation: where can AI potentially help?” they wrote. “This is where Google AI Threat Defense fits in.”
Access to Multiple AI Models, Agents
Google Cloud is giving organizations ways to use multiple AI models to protect themselves from the security risks frontier models present, and the cloud provider is offering users multiple models to choose from for such tasks as scanning for complex vulnerabilities, exposed APIs, and other concerns. Performance can differ from one model to the next – better at application logic than cloud configuration, for example – so Google Cloud is giving them options.
“AI Threat Defense … uses a variety of models to enable organizations to find the largest collection of vulnerabilities while managing costs, enabling you to scan, remediate and maintain your software assets on an ongoing basis,” deSouza wrote.
It also features agents from the Gemini Enterprise Agent Platform, which was rolled out last month to enable users to build, scale, govern, and optimize agents.
