Key Takeaways:
- Google Cloud introduced new protections for AI agents and workloads at its Security Summit 2025.
- Updates include automatic discovery of AI agents, expanded Model Armor defenses, and advanced threat detection powered by Mandiant intelligence.
- A new “agentic SOC” vision was previewed, with tools such as the Alert Investigation Agent and SecOps Labs.
- Mandiant is extending consulting services to help enterprises strengthen AI governance, threat modeling, and environment hardening.

At its Security Summit 2025, Google Cloud announced a set of enhancements aimed at making artificial intelligence deployments more secure. With enterprises racing to integrate AI agents into workflows, the company highlighted how new features in its security suite can help organizations proactively manage risks, detect anomalies, and respond faster to potential threats.
The updates reflect a growing recognition that AI agents, while powerful, introduce a fresh layer of vulnerabilities. Misconfigured agents, unsafe prompts, and malicious injections can expose sensitive data or disrupt operations. “We are helping organizations discover, protect and respond to risks in their AI ecosystems before attackers exploit them,” Google Cloud executives said during the event.
Security Command Center Adds AI Agent Visibility
One of the central announcements was an expansion of Security Command Center to include automatic discovery and inventory of AI agents and Model Context Protocol servers. This new visibility layer provides enterprises with detailed insights into how their AI environments are structured, where risks may exist, and whether policy compliance gaps are present.
By giving organizations a single view of their AI assets, Google Cloud aims to make it easier for security teams to identify potential misconfigurations or unsafe deployments early. This is particularly important as enterprises scale AI across multiple workloads and departments, where manual oversight often falls short.
Extending Model Armor to AI Agents
Google also extended the reach of its Model Armor protections, first introduced to shield large language models, to include Agentspace prompts and responses. Now in preview, this real-time safeguard is designed to defend against common AI-specific threats such as prompt injection attacks, adversarial manipulation, and unintentional sensitive data disclosure.
“Model Armor is about enabling secure AI use without slowing innovation,” the company explained. By embedding these protections directly into the AI agent workflow, Google hopes to reduce the risk of attacks that exploit the natural language interfaces powering agentic systems. New posture controls within Agentspace and Agent Builder add further security guardrails, ensuring that enterprises can enforce policies consistently across their AI deployments.
Enhanced Threat Detection and Response
Google Cloud also highlighted advances in its threat detection capabilities, leveraging intelligence from Mandiant and Google’s internal research teams. The updated system is intended to surface unusual or suspicious behavior in AI agents more quickly, giving security teams actionable alerts before small anomalies escalate into breaches.
With AI agents capable of carrying out complex tasks across enterprise systems, abnormal patterns of activity can be early indicators of compromise. The ability to catch these signals sooner could help reduce both dwell time and response costs.
Previewing an “Agentic SOC”
Beyond defensive upgrades, Google shared its longer-term vision for what it calls an “agentic SOC,” or Security Operations Center powered by AI agents. A central piece of this approach is the new Alert Investigation Agent, now in preview.
The tool automates much of the repetitive work analysts traditionally handle when triaging alerts. It can enrich data with context, analyze command-line activity, and construct process trees, all modeled after methods used by Mandiant analysts. This frees human teams to focus on more complex decision-making, while also shortening the time it takes to move from detection to containment.
Google also introduced SecOps Labs, an early-access environment where customers can test experimental AI features for detection and response. Alongside this, new dashboards in Security Operations integrate security orchestration, automation, and response (SOAR) data, making it easier to monitor and manage workflows.
Expanded Role for Mandiant
A recurring theme in the announcements was the growing integration of Mandiant expertise into Google Cloud’s portfolio. Beyond feeding intelligence into threat detection, Mandiant is now expanding its consulting services to cover AI governance frameworks, AI environment hardening, and adversarial threat modeling.
As enterprises embrace AI across mission-critical workloads, many lack the internal expertise to anticipate how threat actors might exploit these systems. Mandiant’s expanded role is designed to fill that gap, giving customers guidance on how to balance innovation with strong governance and protection.
Why These Updates Matter
The timing of these security updates underscores the rapid pace at which AI is moving from experimentation into production environments. Enterprises are increasingly deploying AI agents not just for back-office efficiency but also for customer-facing applications, meaning potential failures or breaches could have a significant impact.
By combining automatic discovery, real-time safeguards, enhanced detection, and expert consulting, Google Cloud is aiming to provide customers with a more complete toolkit for securing AI in the enterprise. At the same time, the company is signaling that the future of cybersecurity itself may be more agent-driven, where AI not only requires protection but also takes on a more active role in defending systems.
As one Google Cloud leader summed it up during the event, “The goal is not only to secure AI but to use AI to reimagine how security teams operate.”
Conclusion
Google Cloud’s announcements at Security Summit 2025 highlight both the opportunities and challenges AI brings to enterprise security. Automatic discovery of AI agents, expanded Model Armor defenses, and advanced threat detection are all steps toward safer deployment. The introduction of an agentic SOC vision shows how AI may reshape security operations themselves. With Mandiant playing a larger role in governance and adversarial testing, enterprises will have more tools to address risks as they expand AI use. While no system can eliminate risk entirely, these updates show how cloud providers are adapting to help organizations secure the next generation of AI-powered operations.
Rich Tehrani serves as CEO of TMC and chairman of ITEXPO #TECHSUPERSHOW Feb 10-12, 2026 and is CEO of RT Advisors and is a Registered Representative (investment banker) with and offering securities through Four Points Capital Partners LLC (Four Points) (Member FINRA/SIPC). He handles capital/debt raises as well as M&A. RT Advisors is not owned by Four Points.
The above is not an endorsement or recommendation to buy/sell any security or sector mentioned. No companies mentioned above are current or past clients of RT Advisors.
The views and opinions expressed above are those of the participants. While believed to be reliable, the information has not been independently verified for accuracy. Any broad, general statements made herein are provided for context only and should not be construed as exhaustive or universally applicable.
Portions of this article may have been developed with the assistance of artificial intelligence, which may have contributed to ideation, content generation, factual review, or editing.






