Google Unveils AI-Powered Security Upgrades and Threat Intelligence at RSAC 2025
Google has expanded its AI-driven security tools and threat intelligence solutions at RSAC 2025, focusing on automation and real-time insights to combat cyber threats.
At the RSA Conference (RSAC) 2025, Google unveiled significant advancements in its AI-driven security portfolio, emphasizing automation, real-time threat intelligence, and unified management to address evolving cyber threats. The announcements highlight Google's commitment to empowering security teams with cutting-edge tools.
Key Announcements
1. Mandiant M-Trends 2025 Report
Google released the 16th annual Mandiant M-Trends report, drawing insights from 450,000+ hours of incident investigations. Key findings include:
- 33% of threats involve exploits
- 16% stem from credential theft
- 14% are phishing attacks
The report also highlights emerging risks, such as North Korean IT worker insider threats and blockchain-based cyber threats, with the financial sector remaining a prime target.
2. Enhanced Google Unified Security Platform
Building on its recent AI-driven security advancements, Google introduced:
- Gemini AI upgrades: Real-time threat intelligence, automated malware analysis, and improved attack surface visibility.
- Composite Detections: Links unrelated security events to uncover multistage attacks while reducing false positives/negatives.
- Content Hub: Centralized resource for integrations, dashboards, and prebuilt queries to streamline security operations.
3. Agentic SOCs: Autonomous AI for Security
Google revealed its vision for agentic Security Operations Centers (SOCs), powered by AI agents that independently:
- Investigate alerts (Alert Triage Agent)
- Reverse-engineer malware (Malware Analysis Agent)
These agents will enter preview in Q2 2025 for select customers.
4. SecOps Labs for Early AI Access
Google launched SecOps Labs, offering experimental tools like:
- Natural Language Parser Extension
- Detection Engineering Agent (automated rule creation)
- Response Agent (playbook automation)
5. AI Protection Service Upgrades
New multimodal capabilities (launching June 2025) include:
- Sensitive data detection in images
- Object-based redaction
- Threat detection for Vertex AI workloads (aligned with MITRE ATLAS)
6. Open-Source Initiatives
To promote interoperability, Google:
- Open-sourced Model Context Protocol servers
- Introduced the Agent2Agent protocol for cross-vendor collaboration
Conclusion
Google's RSAC 2025 announcements underscore its leadership in AI-powered cybersecurity, combining automation, real-time intelligence, and open ecosystems to redefine modern threat defense.
Related News
Zscaler CAIO on securing AI agents and blending rule-based with generative models
Claudionor Coelho Jr, Chief AI Officer at Zscaler, discusses AI's rapid evolution, cybersecurity challenges, and combining rule-based reasoning with generative models for enterprise transformation.
Lenovo Wins Frost Sullivan 2025 Asia-Pacific AI Services Leadership Award
Lenovo earns Frost Sullivan's 2025 Asia-Pacific AI Services Customer Value Leadership Recognition for its value-driven innovation and real-world AI impact.
About the Author

Alex Thompson
AI Technology Editor
Senior technology editor specializing in AI and machine learning content creation for 8 years. Former technical editor at AI Magazine, now provides technical documentation and content strategy services for multiple AI companies. Excels at transforming complex AI technical concepts into accessible content.