admin The launch marks a sharper contest in enterprise security, where artificial intelligence is shifting the centre of gravity from manual patching and alert handling to continuous analysis, contextual triage and automated response. Google Cloud is positioning its platform as an always-on defence layer combining Google Threat Intelligence, Mandiant expertise, Security Command Centre, Google Security Operations and Gemini-powered agents.
The move comes as attackers increasingly use generative models to discover software flaws, automate reconnaissance, craft phishing lures and accelerate exploitation. Security teams that once relied on defined patch windows are facing shorter intervals between vulnerability discovery and attempted compromise, forcing large organisations to prioritise exposure management, exploitability scoring and runtime protection over conventional ticket-based remediation.
Google’s latest approach builds on its wider security push at Cloud Next 2026, where the company highlighted an “agentic” security operations model. Its Triage and Investigation agent has been presented as a way to compress alert analysis from lengthy manual reviews into near-real-time case assessment, while newer agents for threat hunting and detection engineering are designed to search for hidden attack patterns and generate defensive rules.
A central part of Google’s pitch is context. Rather than treating vulnerabilities, identities, workloads and cloud misconfigurations as separate problems, the platform is designed to connect signals across code, cloud assets, user behaviour, model interactions and threat intelligence. That matters because attackers rarely exploit a single weakness in isolation; breaches often arise from combinations of exposed services, excessive permissions, unpatched systems and weak monitoring.
The acquisition of Wiz has strengthened Google Cloud’s hand in this race. Wiz built its reputation on identifying toxic combinations across multicloud environments, including misconfigurations, excessive privileges and exploitable workloads. Google is now seeking to blend that visibility with its own telemetry and AI models, giving security teams a fuller view of risks across cloud platforms, software pipelines and AI deployments.
Anthropic has raised the competitive stakes through Project Glasswing, which has shown how advanced models can uncover large numbers of high- and critical-severity flaws in widely used open-source software. Its work underscores a dual-use problem: the same capabilities that help defenders identify long-hidden vulnerabilities can also shorten the path for adversaries seeking exploitable weaknesses.
OpenAI is competing from the application-security side with Codex Security, an agentic tool built to inspect project context, validate vulnerabilities and propose fixes. Its wider trusted-access cyber programme gives vetted defenders access to more capable models for defensive work, while maintaining restrictions intended to reduce misuse. That model reflects a different commercial and policy strategy from Google’s platform-led approach, but the end market is increasingly converging.
For enterprises, the issue is no longer whether AI will enter cyber operations, but how much autonomy it should be given. Security leaders are looking for tools that can cut alert fatigue and improve patch prioritisation, yet they remain cautious about agents that can access production systems, invoke tools, edit code or trigger remediation actions. Human oversight, audit trails and policy controls are becoming critical buying criteria.
India adds a distinct regulatory dimension to this contest. The Digital Personal Data Protection framework, CERT-In’s incident reporting requirements and rising scrutiny of critical digital infrastructure have increased pressure on enterprises to improve visibility, breach response and data-handling discipline. Financial services, telecoms, healthcare, cloud service providers and large digital platforms are especially exposed to both cyber risk and compliance expectations.
This creates an opening for AI-native cyber platforms that can document decisions, map data exposure, support faster reporting and show defensible governance. Organisations operating in India’s digital economy need tools that can identify sensitive data flows, detect unauthorised access, manage third-party risk and support board-level accountability. Automated security may therefore become not only a technical upgrade, but also a compliance enabler.
Risks remain significant. Autonomous security agents can generate false positives, overlook business context, or take overly aggressive remediation steps that disrupt operations. AI systems can also be targeted through prompt injection, tool poisoning, data leakage and compromised agent workflows. The rise of agentic software means defenders must secure not only applications and networks, but also the AI systems used to protect them.
