Google Cloud responds to AI-accelerated cyberattacks with a platform that aims to close security gaps in minutes
Key Points
- Google Cloud bundles technologies from Gemini, Wiz, and Deepmind in its new “AI Threat Defense” platform to automatically find and fix security flaws in enterprise systems.
- The system scans networks with multiple AI models and lets agents rewrite and test vulnerable code directly in the development environment.
- As AI-powered attacks get faster, these automated patches are meant to replace manual processes, giving companies ready-made fixes instead of just alert lists.
Google Cloud has unveiled “AI Threat Defense,” a platform designed to automatically find, assess, and patch security flaws in enterprise systems. The company bundles technologies it partly acquired through acquisitions.
The platform combines four building blocks: Gemini analyzes code, cloud security firm Wiz assesses risks in cloud infrastructure, Deepmind’s agent Codemender writes patches, and Google subsidiary Mandiant contributes experience from real-world cyberattacks.
Wiz, which Google acquired in March 2025 for $32 billion, first identifies vulnerable systems like exposed servers, APIs, or credentials in a company’s IT environment. An agent then simulates which flaws can actually be exploited.
For scanning, Google deliberately uses multiple models at once. Performance varies a lot depending on the task: some models are better at application logic, others at cloud configuration or binary analysis. No single model catches every flaw. Cheap models handle continuous checks, while pricier frontier models tackle the most critical systems.
Codemender, which Deepmind introduced last fall, then steps directly into the development environment. It replaces vulnerable code and rewrites older codebases into modern, memory-safe languages. Before shipping a fix, the system automatically generates tests to verify each patch. Which patch came from which model stays traceable.
During live operations, agents from Google Security Operations take over and hunt for active attacks.
Stronger AI models have changed the threat picture
The need for automated defense is growing because new AI systems now find flaws faster than traditional processes can keep up. Anthropic‘s widely discussed Claude Mythos Preview reportedly found thousands of vulnerabilities and was only released under controlled access because of its capabilities.
Security researcher Himanshu Anand points to this same shift when he calls for an end to the 90-day grace period for software vendors, because language models speed up parallel bug discovery and can turn patch diffs into working exploits in minutes.
Google echoes this point: attackers armed with AI can now exploit security flaws in hours instead of weeks. Manual patches can’t keep up. Francis deSouza, Google Cloud’s COO, also draws a line between his company and competitors. Others just hand security teams long lists of alerts, he says. Google wants to ship finished fixes instead.
What remains unclear is how reliable these auto-generated patches actually are in production – and how companies deal with agent errors when the system changes live code on its own. Google names Accenture, Deloitte, Netenrich, PwC, and TENEX.AI as implementation partners.
Subscribe now
Stay ahead of AI. Get the most important stories delivered to your inbox — no spam, no noise.
