New security capabilities are being added to Google Cloud Platform (GCP) to help developers detect and protect artificial intelligence agents.
The features were announced today at the annual Google Cloud Security Summit.
“We’re excited about the new capabilities that we’re bringing to market across our security portfolio to help organizations not only continue to innovate with AI, but also leverage AI to keep their organization secure,” Naveed Makhani, Google Cloud’s product lead for security and AI, told CSO in an email.
“One of the biggest security improvements that we’re announcing is within our AI Protection solution [part of a customer’s GCP Security Command Center]. As organizations rapidly adopt AI, we’re developing new capabilities to help them keep their initiatives secure.”
These include new capabilities for automated discovery of AI agents and Model Context Protocol (MCP) servers in Security Command Center. Makhani said this update, which will be available soon in preview, will help defenders automatically identify vulnerabilities, misconfigurations, and high-risk interactions across their AI agent ecosystem; defend against new agent-specific runtime risks such as tool poisoning and indirect prompt injection; and enhance incident response for risky behaviors and external threats, for example by surfacing anomalous and suspicious behavior on agent assets.
Makhani also said the new capabilities will help advance Google's vision of an agentic security operations center (Agentic SOC) that customers can build through GCP. An Agentic SOC lets AI agents co-ordinate their actions to accomplish a shared goal.
“We believe Agentic SOC will significantly increase the productivity of security analysts and engineers so that they spend more time on threats that matter,” he said.
Here’s a look at the announcements:
Security Command Center
Compliance Manager, now in preview, unifies policy definition, control configuration, enforcement, monitoring, and evidence generation for auditing to streamline the security, privacy, and compliance workflows on Google Cloud. Additionally, new recommended AI controls automate AI workload compliance through built-in baselines, AI-specific controls, reporting, and continuous monitoring;
Data Security Posture Management, now in preview, provides governance for security and compliance of sensitive data. Newly available native integration with BigQuery Security Center allows data professionals to monitor their data security and compliance posture directly in their BigQuery console without context switching.
Risk Reports, now in preview, highlights and summarizes unique cloud security issues that can put an organization at risk of attack. Powered by Security Command Center’s virtual red team technology, new risk reports can be used by security teams and non-security teams alike to quickly pinpoint and remediate gaps in cloud defenses.
Identity and access management (IAM)
Agentic IAM, coming later this year, will let Google Cloud customers enable agent identities across cloud environments. It will auto-provision agent identities across all agent development runtimes and support broad credential types, authorization policies, and end-to-end observability;
IAM role picker, available in preview, lets admins grant least-privilege access using Google’s Gemini chatbot within Google Cloud’s IAM capability. Admins will be able to describe the desired action (or multiple actions) and Gemini instantly recommends the most appropriate, least-permissive role for human and non-human identities;
Re-authentication for sensitive actions, available in preview, will trigger re-authentication for highly sensitive actions such as updating billing accounts. This will be enabled by default, and while admins can opt out, Google strongly recommends it be kept turned on to avoid unauthorized access and potential compromise of sensitive accounts.
Data security
The expansion of Sensitive Data Protection to monitor the Vertex AI agent builder as well as AI-related assets in BigQuery and Cloud SQL. It will also inspect images for sensitive data such as barcodes and license plate numbers, and detect AI and machine learning context models for medical records, financial invoices, and source code types;
Cloud Key Management System Autokey in Cloud Setup, now generally available, will help customers who need customer-owned encryption keys to onboard more quickly with out-of-the-box alignment with recommended key management practices.
Network security
The expansion of Cloud NGFW’s tags to org-scope tags with hierarchical support. Cloud NGFW for RDMA networks, now in preview, enables zero trust networking for high performance computing VPCs, including AI workloads in Google Cloud;
Cloud Armor Enterprise support for hierarchical security policies and organization-scoped address groups is now generally available, helping with centralized control and automatic protection of new projects in Google Cloud. Cloud Armor, a security service that protects applications and websites from distributed denial-of-service (DDoS) attacks and other threats, has updated inspection limits for WAF rules and added support for rate limiting by JA4 fingerprints and ASN-based threat intelligence for media content delivery networks.
Google Security Operations
Also announced were improved capabilities in Google Unified Security, an AI-powered converged security solution. It integrates threat intelligence, security operations, cloud security and secure enterprise browsing.
A new SecOps Labs allows developers to access AI-powered experiments for parsing, detection, and response.
New dashboards, now generally available, showcase the native integration of SOAR data. They help admins visualize, analyze, and act on security data.
“Our momentum in AI-enabled security will help organizations to redefine their security posture and reduce the greatest amount of risk for the investment,” Makhani told CSO. “These announcements will help propel security operations and help organizations gain operational efficiencies — from finding vulnerabilities to processing vast amounts of threat intelligence data in seconds and empowering security teams to achieve not seen before levels of defense and efficiency.”
Pricing for the new capabilities varies, Google said, with some available at no additional cost.
Joseph Steinberg, a U.S.-based cybersecurity and AI expert, said infosec pros should reserve judgement on how effective these new capabilities will be until they are used in the real world. “We have seen many times that there is a huge delta between a new security technology’s theoretical benefits and the value that it actually ultimately delivers in the real world,” he said in an email.
“Additionally, security follows a different model than functionality. We know, for example, how to leverage an imperfect AI that improves productivity, we know how to utilize it in ways that improve productivity while accounting for the AI’s errors. And, as a result, if a failure does ‘get through,’ the impact is not usually devastating.
“However, imperfect security technology that fails even once in a ‘fail-to-allow’ fashion can be a different story.”
Updated with analyst comments.