At Google Cloud Next, a Unified Push to Fortify Enterprise Cybersecurity

Google unveils Unified Security at Cloud Next, converging threat intelligence, security operations, and AI-powered tools. NextTech Today reported on how this aims to help organizations proactively defend against evolving cyber threats.

Google Cloud Next – The digital landscape shifted dramatically today at Google Cloud Next, with the tech giant unveiling Google Unified Security, a sweeping set of new security agents, and a comprehensive overhaul of its security portfolio. The message was clear: Google is doubling its commitment to deliver stronger security outcomes and position itself as an indispensable ally for organizations facing an increasingly complex threat environment.

Enterprise infrastructure continues its seemingly exponential expansion. This growth, while driving innovation, presents a significant challenge for security professionals. The attack surface is broadening at an alarming rate, and the disparate, often disconnected security tools currently deployed by many organizations are simply not up to the task. These fragmented systems create data silos, lack crucial contextual awareness, and leave companies perpetually playing catch-up against sophisticated attackers. Security teams, bogged down by cumbersome workflows and a lack of integration, struggle to gain a holistic view of their organization’s risk profile, hindering their ability to address vulnerabilities proactively.

Google’s answer to this challenge is Google Unified Security. This new offering converges Google’s formidable security arsenal – encompassing threat intelligence, security operations, cloud security, and secure enterprise browsing – with the renowned expertise of Mandiant. At its core, Google Unified Security is powered by artificial intelligence, promising a more cohesive and effective defense.

Now generally available, Google Unified Security aims to provide a robust foundation for superior security outcomes. It establishes a single, scalable, and, most importantly, searchable security data fabric that spans the entire attack surface. This unified approach purports to grant organizations unprecedented visibility, detection, and response capabilities across various environments, including networks, endpoints, clouds, and applications. By automatically enriching security data with the latest Google Threat Intelligence, the system aims to enhance detection accuracy and streamline prioritization. And, in a nod to the ever-increasing demands on security practitioners, Google is leveraging its Gemini AI to improve efficiency across the entire security workflow.

Also Read: Making Sense of 2025: The Tech Leaders Turning Complexity into Clarity

Industry analysts are taking note. “Google Unified Security represents a step forward in achieving better security outcomes,” said Michelle Abraham, Senior Research Director, Security and Trust, IDC. “Integrating browser behavior managed threat hunting, and security validation offers organizations a more holistic and streamlined defense against today’s complex threat landscape.”

According to the company, the true power of Google Unified Security lies in its integrated product experiences. Key examples include:

• Integrating browser telemetry and asset context from Chrome Enterprise into Google Security Operations is designed to bolster threat detection and remediation efforts.
• Combining Google Threat Intelligence with security validation enables organizations to proactively understand exposures and rigorously test their security controls against the latest observed threat actor activity.
• Enriching cloud risk and exposure data from the Security Command Center, including those impacting AI workloads, with integrated Google Threat Intelligence aims to improve threat hunting and incident triage.

Google is also emphasizing the role of AI in this new paradigm. Infused with semi-autonomous AI capabilities, these integrated products seek to provide preemptive security, empowering organizations to anticipate and mitigate threats before attackers can inflict damage or loss.

Early customer feedback suggests this approach is resonating. “I see Google and its security suite as one of the top partnerships I have within my organization,” said Craig McEwen, Deputy CISO, Unilever. “The value they bring, the expertise and the knowledge, the willingness to play with us to explore new opportunities and to look at new areas — it makes them a true partner and someone we’re very happy to be working with.”

The perspectives of key industry players further underscore the significance of these developments. “Accenture and Google Cloud partner to help clients achieve the cyber resilience their businesses need to stay ahead of today’s threats,” said Paolo Dal Cin, Global Lead, Accenture Security. “By integrating advanced threat intelligence, comprehensive visibility and AI assistance, we can help organizations shift from reactive to proactive and agile responses. This unified approach, powered by Google Unified Security, can help us deliver a new standard of cyber resilience with greater scale, speed and effectiveness.”

Also Read: Why Data Observability is Essential for Modern Data Teams

“Deloitte Cyber and Google Cloud are working closely together to secure the modern enterprise – which includes using the leading capabilities from both Deloitte and Google to protect data, users, and applications,” said Adnan Amjad, Principal U.S. Cyber Leader, Deloitte & Touche LLP. “Google Unified Security brings together a centralized data fabric, integrated threat intelligence, unified SOC and cloud workflows, and agentic AI automation — creating a powerful platform to drive our clients’ security transformation.”

A key component of Google’s strategy involves the deployment of agentic AI to augment security operations. The company envisions a future where intelligent agents work with human analysts, automating routine tasks, enhancing decision-making, and freeing human experts to focus on more complex challenges. 

To that end, Google is introducing several new Gemini Security agents:

• In Google Security Operations, an alert triage agent is being introduced to perform dynamic investigations on behalf of users. Expected to preview for select customers in Q2 2025, this agent will analyze the context of each alert, gather relevant information, and provide a verdict, along with a detailed account of its investigative process. Google believes this agent will significantly reduce the manual workload of Tier 1 and Tier 2 analysts, who often grapple with hundreds of alerts daily.
• Google Threat Intelligence will also introduce a malware analysis agent designed to determine whether code is safe or harmful. Also slated for preview in Q2 2025, this agent will analyze potentially malicious code with the ability to create and execute scripts for deobfuscation. The agent will then summarize its findings and deliver a final verdict.

According to Google, these agentic AI advancements aim to deliver faster detection and response with enhanced visibility and streamlined workflows. The company catalyzes security teams to reduce toil, enhance cyber-resilience, and drive strategic program transformation.

Also Read: Explained: Markov Chain Monte Carlo

Google is also focusing on enhancing its existing security offerings:

• Now generally available, new data pipeline management capabilities in Google Security Operations are designed to help customers better manage scale, reduce costs, and meet compliance mandates. Through an expanded partnership with Bindplane, Google enables users to transform and prepare data, route data to various destinations and multiple tenants, filter data to control volume and redact sensitive data for compliance purposes.
• The new Mandiant Threat Defense service for Google Security Operations, also generally available, provides comprehensive active threat detection, hunting, and response. Mandiant experts will work alongside customer security teams, utilizing AI-assisted threat-hunting techniques to identify and respond to threats, conduct investigations, and scale response through security operations SOAR playbooks.
• Security Command Center is also receiving a boost with recently announced AI Protection capabilities for managing risk across the AI lifecycle for Google Cloud customers. AI Protection helps discover AI inventory, secure AI models and data, and detect and respond to threats targeting AI systems.
• Model Armor, now generally available as part of AI Protection, allows users to apply content safety and security controls to prompts and responses for a broad range of models across multiple clouds. Model Armor is now integrated directly with Vertex AI, allowing developers to automatically route prompts and responses for protection without altering their applications.
• New Data Security Posture Management (DSPM) capabilities, coming to preview in June, will enable discovery, security, governance, and monitoring of sensitive data, including AI training data. DSPM will help discover and classify sensitive data, apply data security and compliance controls, monitor for violations, and enforce access, flow, retention, and protection directly in Google Cloud data analytics and AI products.
• A new Compliance Manager, launching in preview at the end of June, will combine policy definition, control configuration, enforcement, monitoring, and audit into a unified workflow. Building on the configuration of infrastructure controls delivered using Assured Workloads, this new tool will provide Google Cloud customers with an end-to-end view of their compliance state, streamlining the process of monitoring, reporting, and proving compliance to auditors with Audit Manager.

Also Read: Safeguarding Data for the Quantum Era

• Other Security Command Center enhancements include a new integration with Snyk’s developer security platform (in preview) to help teams find and fix software vulnerabilities faster and new Security Risk dashboards for Google Compute Engine and Google Kubernetes Engine (generally available) to deliver insights into top security findings, vulnerabilities, and open issues directly in the product consoles.
• Google is also expanding its Risk Protection Program, which provides discounted cyber-insurance coverage based on cloud security posture. The company welcomes Beazley and Chubb, two of the world’s largest cyber insurers, as new program partners to expand customer choice and broaden international coverage. As part of the program, these partners will provide affirmative AI insurance coverage exclusively for Google Cloud customers and workloads. Chubb will also offer coverage for risks resulting from quantum exploits, proactively addressing the potential threat of quantum computing attacks.
• Chrome Enterprise is also receiving updates, with new employee phishing protections that leverage Google Safe Browsing data to protect employees against lookalike sites and portals. Organizations can now configure and add their own branding and corporate assets to help identify phishing attempts disguised on internal domains.
• Google is also enhancing data protection capabilities in Chrome Enterprise Premium. In addition to watermarking and screenshot blocking and controls for copy, paste, upload, download, and printing, the platform is now making data masking generally available. Key enterprise browsing protections, including copy and paste controls and URL filtering, are also being extended to Android.
• Mandiant Cybersecurity Consulting is also evolving. The Mandiant Retainer now provides on-demand access to Mandiant experts with pre-negotiated terms and two-hour incident response times. Customers will have greater flexibility to redeem pre-paid funds for investigations, education, and intelligence to enhance their expertise and resilience.
• Mandiant Consulting is also partnering with Rubrik and Cohesity to deliver a solution to minimize downtime and recovery costs following a cyberattack. By combining Mandiant consultants with data backup and recovery solutions, the partnership seeks to help customers establish, test, and validate cloud-isolated recovery environments (CIRE) for critical applications on Google Cloud and provide incident response services in case of a compromise.

Also Read: AI vs. Dating App Fatigue: Can Tech Mend Broken Romance?

• Google continues to invest in security controls and capabilities for its cloud platform, aimed at helping organizations meet evolving policy, compliance, and business objectives. Key updates include:
• For Sovereign Cloud, Google Cloud is expanding its portfolio of sovereign cloud solutions, offering Regional and Sovereign Controls across 32 regions in 14 countries. Google Cloud also offers Google Cloud Sovereign AI services in its public cloud, sovereign cloud, and distributed clouds, as well as with Google Workspace.
• In partnership with Thales, Google Cloud is launching the S3NS Trusted Cloud, now in preview, designed to meet France’s highest level of cloud certification, the SecNumCloud standard. This offering represents the first sovereign cloud solution based on the Google Cloud platform, which is operated, majority-owned, and fully controlled by a European organization.
• For Identity and Access Management, Google Cloud is introducing unified access policies (coming to preview in Q2) to create a single definition for IAM allow and IAM deny policies, enabling a more consistent application of fine-grained access controls. Managed Workload Identities, now available in preview, allows users to provision SPIFFE-based identities for workload-to-workload authentication using mTLS. Workload Identity Federation with X.509 certificates is generally available, further strengthening workload authentication.
• Google Cloud is also expanding its Confidential Computing offerings. Confidential GKE Nodes with AMD SEV-SNP and Intel TDX will be generally available in Q2, requiring no code changes to secure standard GKE workloads. Confidential GKE Nodes with NVIDIA H100 GPUs on the A3 machine series will be in preview in Q2, offering confidential GPU computing without code modifications.
• The Sensitive Data Protection discovery service for Vertex AI and Azure Storage is generally available, enabling continuous data asset monitoring and integration with the Security Command Center’s virtual red teaming and AI Protection. Google Cloud also previews data-in-motion scanning through Cloud Load Balancing and Secure Web Proxy and announces upcoming Dataplex V2 support.
• The single-tenant Cloud Hardware Security Module (HSM), now in preview, provides dedicated, isolated HSM clusters managed by Google Cloud while granting customers full administrative control.
• For network security, Google Cloud is introducing Network Security Integration, which allows enterprises to easily insert third-party network appliances and service deployments to protect Google Cloud workloads without altering routing policies or network architecture. Out-of-band integrations with ecosystem partners are generally available now, while in-band integrations are available in preview.
• DNS Armor, powered by Infoblox Threat Defense, coming to preview later this year, uses multi-sourced threat intelligence and AI/ML capabilities to detect DNS-based threats.
• Cloud Armor Enterprise now includes hierarchical policies for centralized control and automatic protection of new projects, which are available in the preview.
• Cloud NGFW Enterprise will soon support L7 domain filtering capabilities to monitor and restrict egress web traffic to only approved destinations (coming to preview later this year).
• Secure Web Proxy (SWP) now includes inline network data loss protection capabilities through integrations with Google’s Sensitive Data Protection and Symantec DLP using service extensions, available in preview.

Also Read: Making Sense of 2025: The Tech Leaders Turning Complexity into Clarity

These announcements, while extensive, represent only a fraction of the potential outcomes achievable by converging Google’s security capabilities and infusing them with AI and frontline intelligence.

In an increasingly perilous threat landscape, choosing a strategic security partner is paramount. With Google Unified Security, Google is making a compelling case to become that partner, offering what it believes is the best, easiest, and fastest way for organizations to integrate Google’s security expertise into their operations.