Google Cloud unveils AI-powered Unified Security platform at Next 25

Google Cloud has launched a sweeping overhaul of its cybersecurity portfolio, introducing a unified platform powered by artificial intelligence and anchored by Mandiant's threat expertise. The new offering, revealed at Google Cloud Next 25, is designed to help security teams combat increasingly sophisticated and fast-evolving cyber threats.

The announcement comes as enterprise infrastructure grows more complex and attackers adopt AI-powered tactics. Google Unified Security - or "Gus", as the team has nicknamed it - combines Google's threat intelligence, cloud security, security operations, and Chrome Enterprise protections into a single platform.

"Security programs and leaders have never been under more pressure or more scrutiny," said Brian Roddy, Google's VP of Cloud Security Engineering. "Attack surfaces are growing, workflows are still fragmented, and disconnected tools are leaving defenders flat-footed."

To counter this, Google has embedded Gemini, its latest AI model, across its security products, aiming to reduce response times and automate high-volume tasks. New AI agents - dubbed "agentic AI" by the company - are being introduced to investigate alerts and malware dynamically, promising major gains in efficiency for overstretched security teams.

One such feature is the alert triage agent, launching in preview later this year. It analyses security alerts automatically, provides evidence-backed decisions, and reduces the burden on Tier 1 and Tier 2 analysts. Another AI agent, focused on malware analysis, is designed to deobfuscate and assess code to determine its safety.

"We're empowering customers to make Google a part of their security team," said Payal Chakravarty, Product Management Executive at Google. "Gus connects the dots, responds in real-time, and uses threat intelligence to protect both data and AI systems across environments."

In a live demonstration, Chakravarty showed how Gus detected a data leak from a developer using a public AI model via a Chrome extension. The platform not only quarantined the extension, but also updated the company-wide Chrome policy and correlated the incident with additional risks involving a misconfigured virtual machine.

"Gus was able to recognise risks in real time, connect the dots, and take action," she said. "What used to take hours now happens in seconds."

Gus also integrates with tools across public cloud, on-premise environments and third-party ecosystems, reinforcing Google's commitment to openness. "Both DC and Marvel heroes can work together," Roddy joked. "No copyright issues."

Mandiant, the cybersecurity firm Google acquired in 2022, remains central to the platform. Its experts now provide active threat detection and incident response within Google Security Operations via the new Mandiant Threat Defense service.

"Mandiant experts work alongside our customers, helping them hunt threats and scale response through automation," Roddy explained. "They're our special guest star superheroes."

Additionally, customers can now access Mandiant experts through a retainer model, offering rapid response and advisory services on demand. The integration of real-time threat intelligence from Mandiant directly into the platform ensures that emerging indicators of compromise are automatically reflected in alerts and analysis.

Adnan Amjad, principal and U.S. cyber leader at Deloitte, welcomed the new approach: "Google Unified Security brings together a centralised data fabric, integrated threat intelligence, unified SOC and cloud workflows, and agentic AI automation - creating a powerful platform to drive our clients' security transformation."

Updates across the wider security portfolio include enhanced protections in Chrome Enterprise, such as phishing safeguards using Safe Browsing data and new data masking capabilities now extended to Android devices.

On the compliance front, Google unveiled its Compliance Manager, which integrates policy enforcement, auditing and monitoring in a single workflow. Though compliance may not have the glamour of AI, Roddy noted its growing importance amid global regulatory shifts.

"For many countries, it's one of the hottest topics," he said. "We've built something that keeps pace with the pace of geopolitics."

AI security was also in focus with the launch of Model Armor, a firewall-like tool that filters prompts and responses to AI models across clouds. It is now integrated with Google's Vertex AI, allowing developers to activate protections without changing their applications.

"Model Armor provides consistent protection across models, even if you switch providers," Roddy explained. "It's simple, effective, and a crucial part of securing AI deployments."

The expansion of Google's Risk Protection Program was also announced, with global insurers Beazley and Chubb joining to offer discounted cyber insurance based on an organisation's Google Cloud security posture. Chubb will additionally cover risks tied to quantum computing exploits.

Google's efforts to simplify and scale security were praised by several industry leaders. Bashar Abouseido, CISO at Charles Schwab, said: "Automated response capabilities have dramatically reduced our investigation resolution time while providing visibility and scale. The platform empowers our team to focus on high-value work."

Craig McEwen, deputy CISO at Unilever, echoed the sentiment: "Google's expertise and willingness to explore new opportunities make them a true partner. We're very happy to be working together."

As cyber threats evolve and AI reshapes both attack and defence strategies, Google is betting big on automation, visibility, and integration. With Gus at the centre, the tech giant hopes to transform security operations from a fragmented scramble into a coordinated, intelligent response.

"It's not just about better tools," said Chakravarty. "It's about delivering better security outcomes."