back to article Google's here to boost your cloud security and the magic ingredient? AI, of course

Google Cloud used the RSA 2023 conference to talk about how it's injected artificial intelligence into various corners of its security-related services. The web giant's announcement of the resulting new features – marketed under the Google Cloud Security AI Workbench umbrella brand – is pretty long winded, so we thought we'd …

  1. amanfromMars 1 Silver badge

    Thanks, Google. What/Where would We be without You?

    Generate human-readable explanations of how an adversary may try to attack.

    The difficulty and likely problem there for Sec-PaLM [Nice to see ya, Sec-PaLM (a specialised LLM).... To see ya nice] are humans unable to understand and resist to belief in what they are reading. It's an inherent systemic thing found in all of a primitive and barbaric base default.

    Because of such an exploitable weakness/vulnerability, are SMARTR adversarial attacks virtually guaranteed to be practically successful thus aiding and abetting rapid unhindered fabulous fabless progress.

    Simulate attack paths to help organizations understand where their cloud environment is most at risk.

    That is an extremely dangerous exercise to practise given that escaping information and intelligence on most at risk attack paths will stimulate and initiate hostile attack activity elsewhere where defences are absent and attackers gain entry to systems at risk for more covert and clandestine spooky activity ...... death by a thousand small painless cuts rather than massive fatal blow.

    It's Sec-PaLM again, this time in Mandiant Threat Intelligence AI, which can be used to "quickly find, summarize, and act on threats relevant to your organization," we're told.

    If such a service cannot guarantee failsafe security and both agree and be able to be liable to cover all organisation losses suffered in an attack, are their company promises and services surely suspect and in danger of being considered wilfully and wantonly misrepresentative?

    "We need to first acknowledge that AI will soon usher in a new era for security expertise that will profoundly impact how practitioners 'do' security," Potti added. "Most people who are responsible for security — developers, system administrators, SRE, even junior analysts — are not security specialists by training."

    And aint that almost the unadulterated gospel truth whenever AI has already ushered in a novel new era where its IT AIgents and AIgencies are in Command and Control of Networks with Remote Virtual Spaces edutaining Media with Sublime Instruction Sets/Augmented Virtual Reality Playgrounds.

    [This General Purpose Truth announcement contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Actual results may differ significantly from management's expectations. These forward-looking statements involve risks and uncertainties that include, among others, risks related to potential future losses, significant amount of indebtedness, competition, commercial agreements and strategic alliances, seasonality, potential fluctuations in operating results and rate of growth, foreign exchange rates, management of potential growth, systems interruptions, international expansion, consumer trends, inventory, fulfillment centre optimisation, limited operating history, government regulation and taxation, fraud, and new business areas. ]

  2. Roland6 Silver badge

    Security Command Center AI…

    >”it instead takes a look at your assets and resources, and tells you how someone could take a crack your IT environment specifically.”

    So to use this tool it really needs to first verify the user has bona fida access to the assets and resources being evaluated - ability to add a special DNS TXT record say, otherwise combined with Shodan it makes a great tool for attackers…

    Question: how easy is it to spoof DNS record lookup…

  3. Clausewitz4.0 Bronze badge
    Black Helicopters

    More Information to Google

    "it instead takes a look at your assets and resources, and tells you how someone could take a crack

    1/ Would you trust all your assets/information to Google?

    2/ One can simply pwn this tool and all the job is done?

  4. Anonymous Coward
    Anonymous Coward

    LOL what a joke

    Google is the #1 spreader of malware in the world with its playstore infecting billions.

    When they can show actual security there, maybe I would trust them with something more.

    for right now all I hear is "I'm Mr Google" like its Mr. Frundles from Rick and Morty.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like