Google Takes on Microsoft’s Security Copilot With New Cloud Security AI Workbench

Google Cloud Security AI Workbench

Google has just announced at the RSA Conference 2023 its new Cloud Security AI Workbench, which will offer various AI-powered tools to help cybersecurity experts address security threats. The Google Cloud Security AI Workbench relies on a new large language model (LLM) named Sec-PALM, and it also leverages technology from Mandiant, a cybersecurity company Google acquired last year.

“Recent advances in artificial intelligence (AI), particularly large language models (LLMs), accelerate our ability to help the people who are responsible for keeping their organizations safe,” explained said Sunil Potti, VP/GM, Google Cloud Security. “These new models not only give people a more natural and creative way to understand and manage security, they give people access to AI-powered expertise to go beyond what they could do alone.”

Google’s Cloud Security AI Workbench announcement echoes Microsoft’s recent Security Copilot announcement from March. Microsoft’s AI-powered cybersecurity assistant is powered by OpenAI’s GPT-4 and Microsoft’s own proprietary security models, and it’s currently available in private preview with select enterprise customers.  

Google Cloud Security AI Workbench Features

Google’s Cloud Security AI Workbench will apply Sec-PaLM, the company’s security-focused LLM to new security tools. The AI-powered cybersecurity suite will also let customers extend and customize the platform with plugins. 

The platform will also let customers make their private data available to the platform at inference time; ensuring we honor all our data privacy commitments to customers,” explained Potti. “Because Security AI Workbench is built on Google Cloud’s Vertex AI infrastructure, customers control their data with enterprise-grade capabilities such as data isolation, data protection, sovereignty, and compliance support.”

The Google Cloud Security AI Workbench
Google’s Cloud Security AI Workbench (source: Google)

Here are the main building blocks of Google’s Cloud Security AI Workbench:

  • VirusTotal Code Insight: This feature provides natural language summaries of code snippets and it can detect malicious scripts. It’s currently available in preview. 
  • Mandiant Threat Intelligence AI: Google is applying its Sec-PaLM LLM to Mandiant’s threat graph so it can summarize all threats relevant to an organization.
  • Mandiant Breach Analytics for Chronicle: Google will integrate the latest threat intelligence from Mandiant Breach Analytics into its Chronicle security operations suite. This will allow organizations to receive automatic alerts about breaches in their environment and use Sec-PaLM to address them. 
  • Security Command Center AI: Google will introduce AI-powered risk summaries in Security Command Center, the built-in security management tool for the Google Cloud platform.

If VirusTotal Code Insight is currently the first Google Cloud Security AI Workbench that’s now available in preview, Google plans to make the other building blocks available to trusters in the coming months. All these tools should also become available in preview this summer. 

“We’ll continue to iterate and innovate, and we encourage customers and partners to leverage Security AI Workbench in new and exciting ways. Moving forward, we anticipate many new use cases to emerge over time,” the Google Cloud Security exec said.