Google launches Google Threat Intelligence, a cybersecurity tool that uses chat AI Gemini to analyze malware and summarize threat reports



On May 7, 2024, Google announced the cybersecurity tool ' Google Threat Intelligence .' Google Threat Intelligence is a combination of Google's cybersecurity tools '

Mandiant ' and ' VirusTotal ' with Google's network and chat AI 'Gemini,' and is said to enable more practical countermeasures.

Introducing Google Threat Intelligence: Actionable threat intelligence at Google scale | Google Cloud Blog
https://cloud.google.com/blog/products/identity-security/introducing-google-threat-intelligence-actionable-threat-intelligence-at-google-scale-at-rsa/?hl=en

Google's AI plans now include cybersecurity - The Verge
https://www.theverge.com/2024/5/6/24150610/google-gemini-cybersecurity-mandiant

According to Google, there were two challenges to addressing cybersecurity threats: 'We were unable to comprehensively understand the threat landscape' and 'We had to spend extra time, energy, and money to collect and manage the data.'

The new tool, Google Threat Intelligence, aims to improve this. One of the main pillars of this tool is the code summarization performed by Google's chat AI, Gemini 1.5 Pro.

According to Google, Google Threat Intelligence can use Gemini to analyze potentially malicious code and summarize the results in natural language. By converting strings of code that are difficult to understand at a glance into a form that is easy for humans to read, it is said that the time it takes to take security measures can be significantly reduced.



In tests using Gemini 1.5 Pro, which can handle up to 1 million tokens, it was able to analyze the code of

WannaCry , the ransomware that disrupted hospitals, businesses and other organizations around the world in 2017, in just 34 seconds and successfully identify the kill switch.

In addition to analyzing and summarizing code using AI, Gemini can also automatically crawl the web, retrieve and categorize reports of online threats, and provide countermeasures against them.

By combining this AI with Mandiant's incident responders and security consultants, VirusTotal threat analysis, open source web information, and information from a wide range of Google products, it is said that the company will be able to protect users with an unprecedented comprehensive security solution.



'There are many threat defenses available, but the challenge for many enterprises is contextualizing and operationalizing that intelligence as it pertains to their specific organization,' said Dave Glover, principal analyst at market analysis firm Enterprise Strategy Group. 'Google provides two of the most important pillars of threat intelligence with VirusTotal and Mandiant, but by combining them into a single service, powered by AI, security teams have a new way to operationalize actionable threat intelligence and better protect their organizations.'

in Security, Posted by log1p_kr