Google is harnessing the power of advanced artificial intelligence (AI) to bolster cybersecurity efforts against cyber scams.
Powered by the Gemini 1.5 Pro large language model, Google claims to have significantly expedited the process of reverse engineering malware attacks. Notably, it took just 34 seconds for the AI model to dissect the code of the WannaCry malware and pinpoint a vulnerability to neutralize it. WannaCry, infamous for its widespread ransomware attacks, posed a significant threat to numerous organizations worldwide.
“Our vision for AI is to accelerate your ability to protect and defend against threats by shifting from manual, time-intensive efforts to assisted and, ultimately, semi-autonomous security — while providing you with curated tools and services to secure your AI data, models, applications, and infrastructure”, said Google in its blog.
In its latest development, Google has recently announced the general availability of Gemini across multiple security offerings, including Google Threat Intelligence and Google Security Operations, aiming to enhance defenders’ capabilities through generative AI.
Gemini in Security Operations has introduced a novel assisted investigation feature designed to guide users through the platform, adapting to the context of each investigation. This feature aids in the detection of recent threats by leveraging crucial insights from Google Threat Intelligence and MITRE, facilitating the analysis of security events, formulation of detections using natural language, and provision of recommendations for subsequent actions.
Google Threat Intelligence, another recent addition, serves as a valuable resource for expediting the identification and mitigation of emerging threats. By combining insights gleaned from Mandiant frontline experts, the VirusTotal intel community, and Google’s extensive threat data amassed from safeguarding billions of devices and user accounts, this tool streamlines threat response processes.
With Gemini integrated into Threat Intelligence, analysts gain the ability to swiftly search Mandiant’s comprehensive frontline research, gaining insights into threat actor behaviors within seconds. Additionally, they can access AI-generated summaries of pertinent open-source intelligence articles automatically assimilated by the platform, thereby reducing investigation times.
Furthermore, Gemini within Threat Intelligence features Code Insight, capable of inspecting over 200 file types, summarizing their unique attributes, and identifying potentially malicious code. Gemini streamlines the process for security professionals to grasp the most critical threats facing their organization and take timely action.
Google’s announcement follows Microsoft’s introduction of Copilot for Security, leveraging GPT-4 technology to equip cybersecurity professionals with advanced query capabilities tailored to threat analysis.
Security Copilot, backed by Microsoft’s global threat intelligence and running on Azure’s robust infrastructure, delivers enterprise-grade security solutions in alignment with stringent privacy standards.
With these pioneering advancements, Google and Microsoft are spearheading a new era in cybersecurity, leveraging AI-driven technologies to fortify defenses and safeguard digital ecosystems against evolving threats.