Google unveils new AI and cloud security capabilities at Security Summit

Google used its Cloud Security Summit 2025 today to introduce a wide range of updates aimed at securing AI innovation and strengthening enterprise defenses. The announcements span protections for AI agents, new tools for security operations centers, enhancements in cloud security, and extended safeguards for enterprise browsing.

New dashboards in Google Security Operations showcasing the native integration of SOAR data

AI security takes the spotlight

AI security took center stage with the debut of new capabilities for Google Agentspace and Agent Builder. These updates include expanded AI agent inventory and risk identification, advanced in-line protection and posture controls, and proactive threat detection and management.

Naveed Makhani, Product Lead for Security AI at Google Cloud, explained to Help Net Security how the new safeguards aim to strike a balance between flexibility and control. “Our philosophy is to make the secure path the easy path, without sacrificing the flexibility developers need. We provide a layered set of built-in protections: detective policies to give security teams visibility without restricting developers and preventative controls to block high-risk actions by default. For developers who need maximum control, our core security capabilities like Model Armor are available via a REST API, giving developers the flexibility to define tailored protections for their application’s specific use cases and associated risks,” he said.

The agentic SOC vision

Google also expanded on its vision of the Agentic SOC, a system where AI agents coordinate to automate triage, investigation, and response. A new alert investigation agent, now in preview, can enrich events, analyze command-line inputs, and build process trees using methods drawn from Mandiant’s frontline analysts.

Payal Chakravarty, Director of Product Management for Google Security Operations, said the approach is designed to change how human analysts spend their time. “The Agentic SOC is positioned for all use cases; primarily, alert triage, investigation & response followed by detection engineering and threat hunting. We envision human analysts to be able to work on more complex investigations than spending time on collecting evidence and conducting routine triage and dispositions. We also expect that via the deep investigations the agent is capable of doing, analysts get more depth of analysis and understanding for determining root cause,” she said.

Expanding cloud security tools

Beyond AI, Google introduced new features in its broader cloud security portfolio. Updates to Security Command Center include Compliance Manager, Data Security Posture Management, and Risk Reports, all designed to streamline compliance and highlight emerging threats.

In identity and access management, the company previewed an IAM role picker powered by Gemini, agentic IAM for auto-provisioning agent identities, and re-authentication for sensitive actions.

Strengthening identity and data protection

Data protection also received attention, with expanded monitoring of AI-related assets in BigQuery and CloudSQL, image inspection for sensitive data, and a general release of Autokey in Cloud Key Management. Network security updates included expanded Cloud NGFW tags and preview support for zero trust networking in high performance computing environments.

For enterprise browsing, Chrome Enterprise now offers stronger protections on iOS and Android, including URL filtering and new reporting capabilities to track security events across mobile devices.