구글, AI 해커 대응 위해 ‘에이전틱 보안 전략’ 전면 강화

The acceleration of AI‑driven threats has forced security teams to confront an unprecedented volume of vulnerabilities. With Anthropic’s upcoming Mythos model expected to surface even more CVEs, traditional SOC analysts are overwhelmed. Google’s agentic approach leverages large‑language‑model capabilities to sift through millions of alerts, automatically classifying and prioritizing them. By embedding AI agents directly into its Security Operations suite, Google shortens the mean time to investigate (MTTI) from half an hour to roughly one minute, a dramatic efficiency gain that can prevent breaches before they materialize.

Google’s three‑agent rollout—threat hunting, detection engineering, and third‑party context—covers the full lifecycle of an incident. The threat‑hunting agent scouts for novel attack patterns, while the detection‑engineering agent plugs gaps in existing rule sets. The upcoming third‑party context agent will enrich investigations with external intelligence, further sharpening analyst insights. Coupled with the Gemini Enterprise Agent Platform, these tools create a layered defense against shadow‑AI, where unauthorized or rogue models could otherwise slip past traditional controls. The AI‑BOM capability adds another safeguard by cataloguing every model, framework, and IDE plugin in use, enabling organizations to spot unapproved AI components quickly.

For the broader market, Google’s move signals a shift toward AI‑first security architectures. Competitors such as Microsoft and AWS are racing to embed similar autonomous agents, but Google’s integration of WIZ across AWS, Azure, and SaaS environments gives it a distinct multi‑cloud advantage. Enterprises adopting these solutions can expect not only faster response times but also a clearer inventory of AI assets, reducing compliance risk. As AI continues to permeate development pipelines, Google’s agentic strategy positions it as a pivotal player in the next generation of cyber‑defense, setting a new benchmark for automated, scalable security operations.