Google Cloud has unveiled its AI Threat Defense platform, designed to automatically detect, assess, and patch security vulnerabilities in enterprise systems. The platform integrates technologies from Gemini, Wiz, and Deepmind, combining four core components: Gemini analyzes code, Wiz evaluates cloud infrastructure risks, Deepmind's Codemender generates patches, and Mandiant contributes real-world cyberattack insights. Wiz, acquired by Google in March 2025 for $32 billion, first identifies vulnerable systems such as exposed servers, APIs, or credentials. An agent then simulates which flaws could be exploited.

Google deliberately uses multiple models simultaneously for scanning, as performance varies by task: some models excel at application logic, while others are better suited for cloud configuration or binary analysis. No single model can catch all flaws. Cheaper models handle continuous checks, while more advanced models address critical systems. Codemender, introduced by Deepmind last fall, directly modifies code in development environments, rewriting older codebases into modern, memory-safe languages.

Before deploying patches, the system automatically generates tests to verify each fix. The origin of each patch remains traceable. During live operations, Google Security Operations agents take over to hunt for active attacks. The platform aims to replace manual processes with automated patches, providing companies with ready-made fixes instead of just alert lists.

As AI-powered attacks accelerate, the need for automated defense grows, as new systems can find flaws faster than traditional methods. Security researcher Himanshu Anand highlights this shift, calling for an end to the 90-day grace period for software vendors due to AI's ability to rapidly discover and exploit vulnerabilities. Google Cloud's COO, Francis deSouza, emphasizes that competitors typically provide security teams with long alert lists, while Google aims to deliver finished fixes.

Source: thedecoder