Google Announces New Defence Capabilities at Security Summit

Google announced at Google Cloud Security Summit 2025 new capabilities designed to help enterprises secure their Artificial Intelligence (AI) initiatives and use AI for security enhancements These new capabilities come at a time when AI is presenting unprecedented opportunities for organisations to redefine their security posture and reduce the greatest amount of risk for the investment.

Securing the Entire AI Ecosystem the Google Way

Securing agents is critical as organisations increasingly use AI agents across diverse environments. Existing capabilities in Security Command Centre’s AI Protection solution such as Sensitive Data Protection can help discover and redact sensitive data used with agents to mitigate data poisoning, while Model Armour can help screen agent, tool, and MCP server interactions to mitigate threats such as prompt injection and tool poisoning.

To further protect AI agents, Google has introduced security innovations in Google Agentspace and Google Agent Builder. These innovations are:

1. Expanded AI agent inventory and risk identification: Google has addednew capabilities for automated discovery of AI agents and Model Context Protocol (MCP) servers in Security Command Centre. This update, available later in preview, can help security teams automatically identify vulnerabilities, misconfigurations, and high-risk interactions across their AI agent ecosystem.
2. Advanced in-line protection and posture controls for AI agents: Google has extendedModel Armour’s powerful in-line protection to Agentspace prompts and responses. It can enable real-time safeguards against runtime threats such as prompt injection, jailbreaking, and sensitive data leakage for agent interactions. Additionally, specialised posture controls tailored for AI agents in Agentspace and Agent Builder have been introduced as well. These controls, available later in preview, can help agents adhere to security policies and organisational standards.
3. Proactive threat detection and management for agentic AI: Building on Google Cloud’s robust threat detection capabilities, the tech leader hasnew threat detections for AI agents, available now in Security Command Centre. Using frontline intelligence from Mandiant and Google, these new detections can help organisations enhance incident response for risky behaviours and external threats such as surfacing anomalous and suspicious behaviour on agent assets.

The Agentic SOC: Empowering Defenders with AI

Google has introduced its vision of an agentic security operations center (SOC) that includes a system where agents can coordinate their actions to accomplish a shared goal. By offering proactive, agent-supported defence capabilities built on optimising data pipelines, automating alert triage, investigation, and response, the agentic SOC can streamline detection engineering workflows to address coverage gaps and create new threat-led detections.

Additionally, Alert Investigation Agent, now in preview, enables organisations to use the agent to autonomously enrich events, analyse CLIs, and build process trees based on the best practices of Mandiant’s human frontline analysts. The agent’s verdict on alerts is accompanied by next-step recommendations for human intervention and can drastically reduce manual effort while shrinking response times.

Expert Guidance with Mandiant

As more organisations lean into using generative and agentic AI, there is now a growing need for AI security consulting. Mandiant Consulting experts often encounter customer concerns for robust governance frameworks, comprehensive threat modelling, and effective detection and response mechanisms for AI applications. These queries underscore the importance of understanding risk through adversarial testing.

Building on already existing offerings, Mandiant Consulting now provides risk-based AI governance, pre-deployment guidance for AI environment hardening, and AI threat modeling. Partnering with Mandiant can empower organisations to embrace AI technologies while mitigating security risks.

Google Unified Security Gets Upgrades

Mandiant’s expert-led services can help organisations build a strong foundation for their security programs. To use this strategic guidance to defend against threats with speed and intelligence, organisations require a unified platform. That’s where Google Unified Security, the company’s converged solution that brings together the best of Google’s security offerings—comes in.

Here’s what’s new in Google Unified Security:

In Google Security Operations, the new SecOps Labs offers early access to the latest capabilities in Google Security Operations, many engineered with Gemini AI. Today, businesses can access AI-powered experiments for parsing, detection, and response.

Also in Google Security Operations, new dashboards, now generally available, showcase the native integration of SOAR data. Built with valuable feedback from early customer preview access, we help you visualise, analyse, and act on security data.

In Chrome Enterprise, recent capabilities help boost secure enterprise browsing on mobile by bringing many of the benefits that Android business users have already experienced to Chrome on iOS. Employees can now more easily switch between their work and personal Google Accounts in Chrome, with all work-related browsing kept separate.

Google has also extended powerful Chrome Enterprise browsing protections to Android and iOS, including URL filtering on iOS. This can empower organisations to block access to unapproved websites, such as specific gen AI sites to help reduce shadow AI risks. Additionally, enhanced reporting capabilities offer detailed insights into security events and browser activity across all mobile devices, sending this data to their preferred security investigation tools or SIEMs.

What’s New in Trusted Cloud?

Finally, Google continues to enhance its security capabilities and controls on its industry-leading cloud platform to help organisations secure their cloud environments and address evolving policy, compliance, and business objectives. Among the updates introduced are:

Security Command Centre

• Compliance Manager, now in preview, unifies policy definition, control configuration, enforcement, monitoring, and evidence generation for auditing to streamline the security, privacy, and compliance workflows on Google Cloud. Additionally, new recommended AI controls automate AI workload compliance through built-in baselines, AI-specific controls, reporting, and continuous monitoring.
• Data Security Posture Management,now in preview, provides governance for security and compliance of sensitive data. Newly-available native integration with BigQuery Security Center allows data professionals to monitor their data security and compliance posture directly in their BigQuery console without context switching.
• Risk Reports, now in preview, highlight and summarise unique cloud security issues that can put an organisation at risk of attack. Powered by Security Command Centre’s virtual red team technology, new risk reports can be used by security teams and non-security teams alike to quickly pinpoint and remediate gaps in cloud defenc

Identity and Access Management

• Agentic IAM, coming later this year, will let Google ustomers enable agent identities across cloud environments. With Agentic IAM, Google Cloud will auto-provision agent identities across all agent development runtimes and support broad credential types, authorisation policies, and end-to-end observability.
• IAM role picker,available in preview, lets you grant least-privilege access using Gemini in IAM. You can now describe the desired action (or multiple actions) and Gemini instantly recommends the most appropriate, least-permissive role for human and non-human identities.
• Re-authentication for sensitive actions, available in preview, triggers re-authentication for highly-sensitive actions such as updating billing accounts. This will be enabled by default, and while you can opt out we strongly recommend you keep it turned on to avoid unauthorized access and potential compromise of sensitive accounts.

Data Security

• Google has expanded Sensitive Data Protectionto monitor Vertex AI and AI-related assets in BigQuery and CloudSQL, inspect images for sensitive data like barcodes and licence plate numbers, and detect AI and Machine Learning context models for medical records, financial invoices, and source code types.
• Cloud Key Management System Autokey in Cloud Setup, now generally available, can help customers who need customer-owned encryption keys to onboard more quickly without-of-the-box alignment with recommended key management practices.

Network Security

• Cloud NGFW’s tags have been expanded to org-scope tags with hierarchical support. Cloud NGFW for RDMA networks, now in preview, enables Zero Trust networking for high performance computing VPCs, including AI workloads in Google Cloud.
• Cloud Armor Enterprise support for hierarchical security policies and organisation-scoped address groups is now generally available, helping with centralised control and automatic protection of new projects in Google Cloud. Cloud Armour also has updated inspection limits for WAF rules and added support for rate limiting by JA4 fingerprints and ASN based threat intelligence for Media CDN.

Unlocking the Potential of AI, Responsibly

The innovations  Google shared at Google Cloud Security Summit 2025 demonstrate the company’s commitment to making security an enabler of business. By automating compliance, simplifying access management, and expanding data protection for your AI workloads, Google is helping organisations enhance their security posture with greater speed and ease.