AI Cybersecurity at mWISE 2024: Google’s Mandiant Leads the Way

As AI cybersecurity becomes increasingly critical, hackers are becoming more sophisticated, discover new and unexpected attack surfaces in today’s interconnected systems. But here’s the good news: the average time attackers remain undetected on a target’s network has fell to its lowest point in decadeslargely thanks to Google LLC’s Mandiant and associated AI cybersecurity tools and partnerships.

“Even though we have some of the best security capabilities in the world…we needed someone like Mandiant on the front lines of intelligence,” he said. Brian RoddyVice President of Cloud Engineering and Security at Google, told the CUBE in July. He added that the hundreds of thousands of hours spent using Mandiant consultants to respond to incidents had built up a wealth of cybersecurity knowledge at Google.

Since Google acquired Mandiant Inc. in 2022 for approximately $5.4 billion and integrated it into the Google Cloud business, it has significantly evolved its security capabilities, expanding and strengthening its defenses through strategic acquisitions and partnerships.

Join theCUBE for real-time, on-site coverage of mWISE 2024 with theCUBE Savannah Peterson And John FourierTune in to theCUBE, SiliconANGLE Media’s live streaming studio, September 18-19 for exclusive interviews with top cybersecurity leaders as they explore the latest threat detection products, strategies and technologies designed to outsmart today’s most sophisticated threat actors. (*Disclosure below.)

The Evolution of AI in Cybersecurity: How Mandiant Strengthens Google’s Cybersecurity Through Strategic Partnerships

As hackers increasingly rely on artificial intelligence and sophisticated evasion techniques, Mandiant has played a critical role in strengthening Google’s AI cybersecurity. For example, Mandiant uncovered the tactics of two sophisticated state-sponsored groups: APT29 in Russia and North Korea’s highly advanced supply chain attack on 3CXwhich was particularly difficult to detect.

The company has also linked Russia Sandworm hacking group to exploit water infrastructure vulnerabilities, highlighting its role in protecting critical infrastructure. More recently, Mandiant exposed a critical vulnerability in Microsoft’s Azure Kubernetes service, highlighting its expertise in protecting cloud environments.

“The recent vulnerability discovered in Azure Kubernetes Services is a prime example of how complex modern cloud environments can create unexpected security risks,” Guy Rosenthalvice president of products at a security solutions provider DoControl Inc.told SiliconANGLE. “This is not just a configuration error; it is a sophisticated attack that leverages undocumented Azure components to gain elevated privileges within a Kubernetes cluster.”

Over the past year, Google has significantly enhanced and evolved Mandiant’s capabilities through strategic acquisitions, making it a cornerstone of its AI cybersecurity strategy. One of the key developments was Mandiant integration with VirusTotalwho created a solid Google Threat Intelligence offering. With this integration, powered by AI and Google’s deep threat intelligence, security teams can contextualize and operationalize threat intelligence, significantly improving their defense against emerging threats, according to Roddy.

“When it comes to threat intelligence, Mandiant Threat Intelligence, through all of their work on incident response (and) all of their work analyzing the threat landscape, has been an incredible asset,” Roddy said. Referring to VirusTotal, he added: “It’s a tool that security professionals around the world use to get a sense of what’s going on with a particular threat, a particular piece of malware, and get a sense of that. And then we have other threat intelligence within Google.”

Strategic Partnerships: Expanding Mandiant’s Role in AI Cybersecurity

As part of its broader AI cybersecurity strategy, Google has expanded Mandiant’s reach through key industry partnerships. For example, partnership with Nozomi Networks Inc. enhances the ability of industrial and enterprise security teams to anticipate and respond to cyber threats in real time by combining Mandiant’s threat intelligence with Nozomi’s expertise in operational technology and Internet of Things security.

“This latest extension (of our partnership) is another critical step in our journey to combine threat intelligence sources and defenses to achieve the best possible security outcomes for the world’s critical infrastructure,” said Melissa K. SmithSenior Director of Strategy and Partnerships, Office of the CTO, Mandiant. “By combining Mandiant’s threat intelligence and expertise with Nozomi Networks’ threat intelligence and operational technology tools, we can enable critical infrastructure organizations to enhance their threat intelligence and investigations for a stronger defense.”

Another a meaningful and forward-thinking collaboration Mandiant partners with Menlo Security Inc. to enhance browser security by leveraging Google Cloud resources. The partnership further strengthens Mandiant’s role in protecting digital environments across diverse industries.

“While secure browsers have been available for some time, I believe we are at an inflection point in the industry that is driving increased demand,” said the CUBE Collective analyst. Zeus Kerravalawho is the lead analyst of ZK Search“This shift to permanent remote work is a major enabler for secure browsers. As remote work becomes more prevalent, businesses need secure ways for employees to access corporate resources from anywhere, securely. In my conversations with customers, the top use case for secure browsers is replacing the virtual desktop interface.”

Live Stream of theCUBE Event

Not to be missed TheCUBE cover of mWISE 2024, September 18-19. Additionally, you can watch theCUBE’s coverage of the event on demand after the live event.

How to watch CUBE interviews

We offer you different ways to watch TheCUBE cover of mWISE 2024, including the CUBE dedicated website and the YouTube channel. You can also get all the coverage of this year’s events on SiliconANGLE.

TheCUBE Insights Podcast

SiliconANGLE also offers podcasts of archived interview sessions, available at iTunes, seamstress And Spotifywhich you can enjoy while traveling.

SiliconANGLE also features in-depth analyst analysis on our Breaking Analysis podcast, available on iTunes, seamstress And Spotify.

Guests

During mWISE 2024theCUBE Research analysts will speak with industry executives and experts about Google’s ongoing security innovations, many of which highlight Mandiant’s ever-expanding leadership role.

(*Disclosure: TheCUBE is a paid media partner for the mWISE 2024 conference. Neither Google, the sponsor of theCUBE’s coverage of the event, nor other sponsors have any editorial control over the content on theCUBE or SiliconANGLE.)

Image: SiliconANGLE