At its Security Summit 2025, Google Cloud placed artificial intelligence at the center of its vision for the future of cybersecurity.
The company introduced new tools that aim to accomplish two objectives simultaneously: help organizations secure their own AI systems while also leveraging AI to enhance protection against emerging cyber threats.
“AI presents an unprecedented opportunity for organizations to redefine their security posture and reduce the greatest amount of risk for the investment,” Google said in its announcement.
As companies increasingly deploy AI agents across their business operations, Google has emphasized the need to protect these agents themselves. Updates to its Security Command Center will soon allow automated discovery of AI agents and Model Context Protocol (MCP) servers.
Real-time safeguards are also expanding. Model Armor’s in-line protection is now being extended to prompts and responses inside Agentspace, blocking threats such as prompt injection, data leaks, and AI “jailbreaking.” New posture controls will ensure that AI agents follow company security policies.
Google has also added fresh threat detection features, powered by intelligence from Mandiant, to help spot unusual or suspicious behaviors in AI agents, enabling faster incident response.
Rise of the ‘agentic SOC’
One of the most forward-looking announcements was Google’s vision for an “agentic security operations center (SOC)” where AI agents coordinate like teammates to investigate alerts, correlate data, and recommend responses.
The first step toward this vision is the Alert Investigation agent, now in preview. According to Google, it can “autonomously enrich events, analyze CLIs, and build process trees based on the best practices of Mandiant’s human frontline analysts.”
This tool acts like a junior analyst, significantly reducing manual triage work while offering clear next-step recommendations for human defenders.
Security across the cloud
Beyond AI agents, Google unveiled a wave of security upgrades across its broader cloud ecosystem:
- Compliance manager (in preview) will unify policy enforcement, monitoring, and audit preparation to simplify compliance efforts.
- Risk reports, powered by virtual red team technology, will highlight potential weak spots in cloud defenses.
- IAM role picker, assisted by Gemini AI, will recommend the least-privileged access roles based on natural language descriptions of user needs.
- Sensitive data protection is expanding to cover assets in Vertex AI, CloudSQL, and BigQuery, with image inspection to detect items like barcodes and license plates.
- Cloud NGFW and Cloud Armor received upgrades to strengthen Zero Trust networking and enterprise-wide protection.
The Security Summit also highlighted Google Unified Security, a platform that consolidates its core security offerings. Features like SecOps Labs, which provide early access to experimental AI-powered detection and response tools, and new SOAR-integrated dashboards, are now available.
By embedding AI throughout its security stack, Google is positioning itself as both a defender of AI innovation and a provider of AI-driven defenses.
As the company put it in its summit message, “By using AI to empower your defenders and meticulously securing your AI projects from inception to deployment, Google Cloud provides the comprehensive foundation you need to thrive in this new era.”
AI can supercharge your security team, but it can also open new blind spots. Discover how AI agents themselves can become risks, and what you can do to defend against them.