Google has launched a new cybersecurity tool called Threat Intelligence. This product combines the capabilities of Gemini, Mandiant, and VirusTotal.
Google aims to apply generative AI to cybersecurity. This will help simplify threat reports. The focus is on finding practical applications for AI beyond creating artificial images.
Google has announced in a blog post that its new cybersecurity product, Google Threat Intelligence, will combine efforts from its Mandiant cybersecurity team and VirusTotal’s threat intelligence with the Gemini AI model.
Google’s new product utilizes the Gemini 1.5 Pro large language model. This model is designed to speed up the process of analyzing malware. Google reports that in February, the Gemini 1.5 Pro analyzed the WannaCry virus code in just 34 seconds.
This virus caused significant disruptions worldwide in 2017. The model was able to quickly find a kill switch. This result is impressive, yet expected, due to the model’s ability to read and write code.
Another potential function of Gemini within the threat arena is to condense threat reports into easy-to-understand language in Threat Intelligence. This allows companies to better gauge the potential impact of attacks. Essentially, it helps companies avoid reacting too strongly or too weakly to threats.
Mandiant offers human experts who keep an eye on possible malicious groups and consultants who assist companies in preventing attacks. Additionally, the VirusTotal community frequently shares indicators of threats.
In 2022, Google acquired Mandiant, a cybersecurity firm known for revealing the 2020 SolarWinds cyber attack on the US government.
Google intends to utilize Mandiant’s experts to evaluate security risks in AI projects. As part of Google’s Secure AI Framework, Mandiant will check AI models’ defenses and support red-teaming activities. While AI models are useful for summarizing threats and analyzing malware, they are also vulnerable to attacks.
Such attacks often involve “data poisoning,” where harmful code is inserted into the data that AI models use, preventing them from responding correctly to certain prompts.
Google isn’t the only company integrating AI with cybersecurity. Microsoft introduced Copilot for Security, which is driven by GPT-4 and Microsoft’s own AI model tailored for cybersecurity.
This tool allows cybersecurity experts to inquire about threats. It’s still uncertain if these are truly effective uses of generative AI, but it’s encouraging to see it applied to more than just creating unusual images.
What we think?
I think Google’s new cybersecurity tool, Threat Intelligence, sounds really promising. It seems like it will make it much easier to understand and handle cyber threats quickly.
The use of AI to analyze and condense reports into simpler language is smart. It’s impressive how fast it analyzed the WannaCry virus. Overall, I’m hopeful this tool will help companies be better prepared and respond more effectively to cyber threats.