Google Bets $32b On Ai Agent Cyber Force As Security Arms Race Escalates

Viktor Tanasiichuk via iStock / Getty Images Plus

Follow ZDNET: Add america arsenic a preferred source on Google.

ZDNET's cardinal takeaways

• Google launches AI agents for cyber defense warfare.
• $32bn Wiz woody signals nation-state level urgency.
• AI now hunts, detects, and fixes threats astatine speed.

Today astatine Google Cloud Next 2026, Google is introducing a caller agentic defense portfolio that combines threat intelligence, information operations, and proactive threat mitigation activities.

Also: 5 information strategies your business can't get incorrect successful nan property of AI - and why they're critical

In different words, Google is going to war, and it's unveiling its large guns.

Humans aren't accelerated capable

Cyberattacks person been portion of nan computing scenery since location person been networked computers. As nan web grew larger and faster, nan ferocity of attacks increased.

Whether initiated by nation-states, criminals, hacktivists, aliases disgruntled individuals, attacks person ever been asymmetric. In different words, each nan attacker has to do is find 1 flaw to usage arsenic an introduction point. Defenders person ever had to take sides against everything.

Also: AI agents are fast, loose, and retired of control, MIT study finds

While assaults for illustration denial-of-service attacks could tally astatine instrumentality speed, nan capacity to create and deploy attacks was ever constricted by humans' expertise to find exploits and creation attacks. Likewise, nan defenders could initiate automated defenses, specified arsenic firewalls. However, onslaught mitigation had to beryllium done by group pinch discernment truthful they could adhd protections and respond without breaking systems.

AI changes each of that. Enemy actors tin usage enormously powerful ample connection models to place vulnerabilities and deploy attacks astatine particle speed. By utilizing parallel agents, they tin moreover do truthful pinch tremendous integer armies of attackers, each moving astatine speeds good beyond nan powers and abilities of mortal humans.

Also: Will AI make cybersecurity obsolete, aliases is Silicon Valley confabulating again?

To take sides against larger onslaught surfaces, faster AI deployment, and adversaries utilizing AI for much blase attacks, nan bully guys besides request AI armies. Human analysts can't process nan barrage of bits accelerated enough.

That operation of alteration brings america to Google; nan patient is fundamentally launching a cyberforce of AI agents that tin not only run connected nan beforehand lines of cyberwar but besides proviso back-end logistics and intelligence analysis. That attack is astatine nan halfway of this announcement.

$32 cardinal

Wiz is simply a cybersecurity institution formed successful 2020. Its declare to fame is an uncanny expertise to find faults and vulnerabilities successful networks and package platforms. Since its founding, Wiz has efficaciously go nan apex predator of cybersecurity.

Just past month, Google's genitor Alphabet acquired Wiz. All it took was a $32 cardinal all-cash transaction, nan largest ever cybersecurity acquisition, and nan azygous biggest acquisition successful Alphabet history.

Also: Why endeavor AI agents could go nan eventual insider threat

Wiz, according to Alphabet, "Delivers an easy-to-use information level that connects to each awesome clouds and codification environments to thief forestall cybersecurity incidents."

Let's deliberation astir $32 billion, a fig that's much than Canada's full military defense budget and almost arsenic overmuch arsenic Israel's subject spending. Laying retired $32 cardinal connected a cybersecurity acquisition tells america 2 things: nan threat is real, and it justifies nation-state-level spending by nan tech giant.

Threat intelligence

Ancient Chinese subject general, strategist, and philosopher Sun Tzu said: "If you cognize nan force and cognize yourself, you request not fearfulness nan consequence of a 100 battles. If you cognize yourself but not nan enemy, for each triumph gained, you will besides suffer a defeat. If you cognize neither nan force nor yourself, you will succumb successful each battle."

This conception is astatine nan halfway of threat intelligence. In a cybersecurity context, knowing yourself intends knowing your vulnerabilities and being capable to way and negociate force attacks and invasions. If an attacker tin sneak into your web and unrecorded location for weeks aliases months, you don't cognize yourself.

Also: AI threats will get worse: 6 ways to lucifer nan tenacity of your integer adversaries

Google is announcing Agentic SecOps (security operations) pinch 3 cardinal prongs.

The tech elephantine uses Gemini AI to research nan acheronian web and build "a nuanced floor plan of your organization." The AI tin "analyze millions of regular outer events pinch 98% accuracy to thief elevate only nan threats that genuinely matter to your organization."

Google is besides deploying a caller threat-hunting supplier that uses nan immense threat intelligence knowledge gathered crossed its infrastructure to "proactively hunt for caller onslaught patterns and adversary behaviors that bypass accepted defenses."

In addition, Google is deploying a discovery engineering agent. This beastie automatically generates persistent threat discovery rules. The attack is for illustration having a robot constitute super-smart firewall rules automatically, but for each levels of web threats.

Also: 10 ways AI tin inflict unprecedented harm successful 2026

Because nan bad guys person entree to AIs that tin quickly deploy caller threats, defenders besides request to beryllium capable to jump nan quality velocity obstruction and deploy caller protect engineering solutions astatine instrumentality speed.

According to Google, "Customers are already benefiting from our Triage and Investigation Agent, which has processed much than 5 cardinal alerts to date, reducing a emblematic 30-minute manual study to 60 seconds."

Red, Blue, and Green

The Wiz constituent plays a domiciled by protecting AI and unreality apps crossed immoderate infrastructure. For immoderate broad protect solution to beryllium effective, it has to beryllium disposable crossed vendor merchandise lines.

The Wiz AI Application Protection Platform supports Databricks, AWS Agentcore, Gemini Enterprise Agent Builder, Microsoft Azure Copilot Studio, and Salesforce Agentforce. Wiz besides offers cloud-edge protection, extending its shields astir implementations from Apigee, Cloudflare, Vercel, and "others."

Also: Why encrypted backups whitethorn neglect successful an AI-driven ransomware era

A large use is that multivendor support besides adds much discourse astir nan outer onslaught surface, meaning nan exertion understands nan threat situation much completely.

For active-threat situation defense, Wiz is deploying Red, Green, and Blue Agents that enactment arsenic a information intelligence squad crossed nan enterprise.

The Red Agent is simply a penetration testing information researcher. It's designed to find ways into your web and past catalog that accusation for nan different agents successful nan network. Think of nan Red Agent arsenic a information defender perpetually operating and trying each nan locks to make judge they're really still locked.

Then deliberation of nan Blue Agent arsenic a crime segment detective. It gathers grounds from logs, identities, and strategy activity, and uses that accusation to reconstruct behaviors and find severity. Its occupation is to enactment arsenic a forensic expert who discovers each nan specifications of a breach and explains nan communicative down what happened.

Also: 5 ways you tin extremity testing AI and commencement scaling it responsibly successful 2026

The Green Agent is nan maestro mechanic. Given accusation from nan Red and Blue Agents, nan Green Agent goes retired and builds a fix. Key to nan AI capacity is that it builds a focused fix, specifically tied to nan existent network. That way, a hole has a overmuch little chance of undoing thing already moving decently connected nan network.

Together, nan Red Agent looks for anemic points, nan Blue Agent identifies really and why thing bad mightiness person happened, and nan Green Agent stops bad worldly from happening again. Think of this attack arsenic test, investigate, and fix.

ReCAPTCHA is truthful 2024

As acold backmost arsenic 2024, AIs could lick reCAPTCHA tests. You cognize those tests? They're designed to corroborate that you're a quality and not a bot trying to spoof thing connected nan internet.

ReCAPTCHA works, to a point. We've each been disappointment that nan 5th image is simply a span aliases a motorcycle, and for immoderate reason, reCAPTCHA doesn't admit it arsenic such. Raise your manus if you've yelled "I'm human" astatine your machine much than once. I have. I'm not proud.

Also: 5 ways to usage AI to modernize your bequest systems

Into this space, Google is introducing Google Cloud Fraud Defense. Google describes this arsenic "The improvement of reCAPTCHA, and provides nan intelligence that businesses request to spot their integer interactions and commerce."

It's fundamentally a level designed to find whether an accessing entity is simply a human, a bot, aliases an agent.

State nan facts, Jack

Google included immoderate societal impervious successful its announcement. The institution described occurrence stories from a assortment of awesome customers utilizing these caller tools.

A fewer of those firms that person seen capacity improvements include:

• Colgate-Palmolive decreased outer vulnerability issues by 44% and now sustains agelong periods of zero captious risks pinch Wiz.
• Deloitte accrued expert ratio by much than 60%. Threat hunts crossed billions of logs dropped from hours to seconds. Detection norm procreation now takes minutes alternatively of weeks.
• Urgent and caller information vulnerabilities that utilized to return Shell betwixt 3 days and 2 weeks to observe are now managed successful near-real time.

Welcome to nan 2026 arms title

When multi-billion-dollar companies commencement spending connected defense for illustration nation-states and deploy AI agents for illustration battalions, it's clip to judge that nan crippled has changed.

Attackers are scaling, automating, accelerating, and adding intelligence that thinks astatine warp velocity earlier quality defenders tin down their first cup of coffee. Malicious AIs tin tally 24 hours a day, 7 days a week, without needing slumber aliases caffeine. All they request to do is find 1 error, and they're in.

To defend, targets request to run astatine superhero speed, prolong that attack astir nan clock, and drawback and mitigate attacks faster than a blinking eye, faster than a speeding bullet, and faster than nan clip it takes to click a mouse.

Google is surely not nan only large institution moving connected this problem, but they now person a viable introduction into nan arms race. Unfortunately, an arms race, by definition, ne'er really ends. It only escalates.

How comfortable are you pinch an AI strategy that builds and deploys its ain discovery rules crossed your network? Let america cognize successful nan comments below.

You tin travel my day-to-day task updates connected societal media. Be judge to subscribe to my play update newsletter, and travel maine connected Twitter/X astatine @DavidGewirtz, connected Facebook astatine Facebook.com/DavidGewirtz, connected Instagram astatine Instagram.com/DavidGewirtz, connected Bluesky astatine @DavidGewirtz.com, and connected YouTube astatine YouTube.com/DavidGewirtzTV.