Google Threat Intelligence includes Gemini in Threat Intelligence, the company’s AI-powered agent that provides conversational search across a vast repository of threat intelligence, enabling customers to gain insights and protect themselves from threats faster than ever before.
“While there is no shortage of threat intelligence available, the challenge for most is to contextualise and operationalise intelligence relevant to their specific organisation,” said Dave Gruber, principal analyst, Enterprise Strategy Group. “Unarguably, Google provides two of the most important pillars of threat intelligence in the industry today with VirusTotal and Mandiant. Integrating both into a single offering, enhanced with AI and Google threat insights, offers security teams a new means to operationalise actionable threat intelligence to better protect their organisations.”
Based on Mandiant’s leading incident response and threat research team, combined with Google’s massive user and device footprint and VirusTotal’s broad crowdsourced malware database, the new offering will bring:
- Google threat insights: Google protects 4 billion devices and 1.5 billion email accounts, and blocks 100 million phishing attempts per day. This provides a vast sensor array and a unique perspective on internet and email-borne threats that allow the company to connect the dots back to attack campaigns.
- Frontline intelligence: Mandiant’s eIite incident responders and security consultants dissect attacker tactics and techniques, using their experience to help customers defend against sophisticated and relentless threat actors across the globe in over 1,100 investigations annually.
- Human-curated threat intelligence: Mandiant’s global threat experts monitor threat actor groups for activity and changes in their behaviour to contextualise ongoing investigations and provide the insights you need to respond.
- Crowdsourced threat intelligence: VirusTotal’s global community of over 1 million users continuously contributes potential threat indicators, including files and URLs, to offer real-time insight into emerging attacks.
- Open-source threat intelligence: We use open-source threat intelligence to enrich our knowledge base with current discoveries from the security community.
Google Threat Intelligence ‘boasts a diverse set of sources that provide a panoramic view of the global threat landscape and the granular details needed to make informed decisions’ according to the official blog.
AI-driven operationalisation
Traditional approaches to operationalising threat intelligence are labor-intensive and can slow down your ability to respond to evolving threats, potentially taking days or weeks to respond.
Google Threat Intelligence uses Gemini to analyse potentially malicious code and provides a summary of its findings.
Google Threat Intelligence is part of Google Cloud Security’s comprehensive security portfolio, which includes Google Security Operations, Mandiant Consulting, Security Command Center Enterprise, and Chrome Enterprise.