Google has announced the launch of its new cybersecurity product, Google Threat Intelligence, which integrates its existing cybersecurity division and VirusTotal threat intelligence platform with the Gemini AI model. The product uses the advanced capabilities of the Gemini 1.5 Pro large language model to speed up the process of analyzing and responding to malware attacks.
Gemini 1.5 Pro, released in February, showed its skill by analyzing the code of notable ransomware attacks, such as the 2017 incident that severely disrupted various institutions globally, identifying a kill switch in just 34 seconds. This rapid analysis shows the potential of large language models (LLMs) in the cybersecurity domain, particularly in tasks involving reading and writing code.
A notable feature of Threat Intelligence is its ability to summarize threat reports into natural language, enabling companies to better understand and assess the impact of potential attacks.
Reason #724 for why you should make Google part of your security team:
Gemini in Google Threat Intelligence can help analysts simplify threat research and reduce the time it takes to identify and protect against novel threats.
Learn more → https://t.co/IgA3ptQphl pic.twitter.com/EkmUvEZScI— Google Cloud (@googlecloud) May 27, 2024
This helps organizations avoid overreacting or underreacting to threats.
The platform also provides a comprehensive view of the cybersecurity landscape, enabling users to monitor potential threats before they occur and prioritize their focus accordingly.
Google’s new cybersecurity tool explained
Human experts play a crucial role by monitoring malicious groups and collaborating with companies to preemptively block attacks.
The community behind VirusTotal also contributes by regularly posting threat indicators. Experts are also tasked with assessing security vulnerabilities in AI projects, testing the defenses of AI models, and assisting in red-teaming efforts to enhance security.
It is important to note that while AI models can effectively summarize threats and reverse engineer malware, they are not immune to attacks.
At #RSAC, we shared how security teams can better defend against threats with Google Security Operations.
Use Gemini in Security Operations to empower SOC teams to detect and respond to threats more easily.
Check it out → https://t.co/oEipG6r9Tp pic.twitter.com/uhnKDUvqfM
— Google Cloud (@googlecloud) May 29, 2024
Malicious actors sometimes embed harmful code into the data that AI models scrape, impairing the models’ ability to respond correctly to specific prompts.
Google’s venture into integrating AI with cybersecurity is part of a broader industry trend. Other tech giants, such as Microsoft with its GPT-4 powered cybersecurity-specific AI model, are also exploring similar initiatives.
Whether these efforts represent the most effective use of generative AI remains a topic of discussion, but their application in cybersecurity signifies a meaningful advancement beyond simple generative tasks like creating fake images.