Mandiant blends Google Cloud, AI to automate threat hunting

Google Cloud is deepening its integration of Mandiant threat intelligence and services as it approaches the anniversary of its $5.4 billion acquisition of the incident response and threat intelligence firm last year.

The company introduced Mandiant Hunt for Chronicle Security Operations, a new managed threat hunting service, Tuesday at Google Cloud Next.

The service brings Mandiant’s threat hunting intelligence and personnel to customers’ Chronicle security environments, which combine Google’s security information and event management (SIEM) and security orchestration, automation and response (SOAR) offerings.

“Security operations teams can now get threat hunting on their Chronicle data by Mandiant experts who use our latest frontline intelligence to expose attacker activity before it negatively impacts your organizations,” Mandiant CEO Kevin Mandia said during a keynote at Google Cloud Next.

“In short, folks, having Mandiant Hunt for Chronicle is like adding thousands of security experts to your team overnight,” Mandia said.

Already, Mandiant is an in-demand incident response firm; it performed 1,800 cybersecurity engagements with organizations in 2022 and investigations are already up 35% over last year, according to Mandia.

The managed threat-hunting service offered to Google Cloud Security customers could scale the business further.

The move bolsters Google Cloud’s positioning as a standalone security vendor claiming end-to-end capabilities powered by acquisitions and internal cloud infrastructure development.

Google Cloud also fused its generative artificial intelligence technology, Duet AI, across its security products, including Chronicle Security Operations, Mandiant Threat Intelligence and the Security Command Center. 

“Even armed with the right intelligence, products and infrastructure, security is still too challenging for the majority of organizations,” Mandia said.

“Currently, security analysts are overwhelmed with the security events that they see every day,” Mandia said. “Duet AI reduces analysts’ time spent writing, running and refining searches, and triaging complex cases by seven times.”

Steph Hay, head of user experience at Google Cloud Security, said Duet AI can: 

  • Generate summaries to describe threats
  • Search for patterns in an organization’s security data to determine potential impacts
  • Recommend actions based on alerts and other means to close down attack paths

The Duet AI capabilities for Google Cloud Security products and Mandiant Hunt for Chronicle are now available in preview with general availability expected later this year.
