Google Cloud made various announcement at the RSA 2025 conference, which was held from 28 April 2025 to 1 May 2025 in San Francisco, USA. The announcements from the company aimed at transforming the cybersecurity landscape. The company showcased its latest advancements, highlighting the transformative potential of Agentic AI and providing new insights into the evolving threat landscape through its Zero-Day Exploits Report.
Google Cloud Reimagines Security Operations with Agentic AI
Google Cloud unveiled Agentic AI, a revolutionary approach to Security Operations Centres (SOCs). Moving beyond traditional AI integrations, Agentic AI leverages interconnected, purpose-driven agents to enhance operational efficiency. “No longer do we have our analysts having to write regular expressions that could take anywhere from 30 minutes to an hour. Gemini can do it within a matter of seconds,” said Hector Peña, senior information security director, Apex Fintech Solutions.
Also read: Google Cloud Acquires Wiz to Strengthen Multi-cloud Security
These agents are capable of managing tasks such as alert triage, malware analysis, and case investigations with semi- or full autonomy. “Agentic AI promises a fundamental, tectonic shift for security teams, where intelligent agents work alongside human analysts to autonomously take on routine tasks, augment human decision-making, automate workflows and empower them to focus on what matters most: the complex investigations and strategic challenges that truly demand human expertise,” said Google Cloud in its official blog.
Key innovations include:
- Open-Sourcing MCP Servers: Google Cloud announced the open-sourcing of Multi-Cloud Policy (MCP) servers, enabling seamless integration with industry tools such as CrowdStrike, Wiz, and Cloudflare.
- Launch of SecOps Labs: A dedicated R&D space, SecOps Labs fosters collaboration among defenders, allowing them to co-develop and test AI-driven solutions.
- Enhanced Efficiency: By reducing analyst fatigue and accelerating response times, Agentic AI promises to set new benchmarks for speed and accuracy in cybersecurity operations.
Insights from the 2024 Zero-Day Exploits Report
The Google Threat Intelligence Group (GTIG) released its highly anticipated 2024 Zero-Day Exploits Report, revealing critical insights into emerging attacker strategies:
- Fewer Exploits: The number of zero-days exploited in the wild decreased to 75 in 2024, compared to 98 in 2023.
- Targeting Enterprises: Attacks on enterprise-specific technologies rose to 44%, up from 37% in the previous year.
- Focus on Security Tools: Over 60% of exploits targeted security and networking tools, underscoring attackers’ focus on infrastructure vulnerabilities.
- Nation-State Activity: Nation-state actors, including those linked to the People’s Republic of China (PRC) and North Korea, were responsible for over half of the attributed exploits, each exploiting at least five zero-days.
