Google Cloud has announced a slew of new AI-powered security features, including new AI agents for continuous security developed by its new subsidiary Wiz.
Following Google Cloud’s record $32 billion acquisition of the Israeli-American cybersecurity startup, the hyperscaler is looking to deploy Wiz agents at a scale that was previously impossible.
To date, Wiz has made the detection of what it calls ‘toxic combinations’ in cloud environments – including misconfigurations, excessive permissions, and overlooked vulnerabilities – its bread and butter.
Google Cloud wants to apply this specialism to its entire platform, as well as those of partners.
While AI can be used to bolster defenses, improperly configured LLMs and AI agents can also complicate cybersecurity strategies and introduce new risks of their own, such as prompt injection attacks.
Google Cloud and Wiz aim to identify these risks in real-time by embedding security into AI as it’s deployed rather than bolting it on after the fact. At Google Cloud Next 2026, both firms have led with a joint message of a deep-set need for AI preparedness.
“One of the things we do is provide the right protections associated with rolling out your AI infrastructure that you can then make available,” said Francis deSouza, COO and president, Security Products at Google Cloud.
“Because [it is] not possible to retrofit security into an IT environment, you need to design it in from the ground up.”
For example, Wiz has launched AI agents that act as automated security researchers and engineers: Red Agent, Blue Agent, and Green Agent.
“Red team is typically contesting from the outside, and the Red Agent actually leverages the deep visibility that we get into cloud environments and identifies all of the potential exposures, all of the APIs that are internet exposed,” explained Yinon Costica, VP Product and co-founder of Wiz.
“The Green Agent actually takes the risk that the, let's say the red agent found, and then it automates the triage process.”
Costica explained that this speeds up a process that normally takes days or even weeks of manual security work. Finally, the Blue Agent takes indications of compromise and automates the investigation process into these threats.
He added that the three agents can collaborate and work with one another to improve defenses. For example, Red Agent can invoke Green Agent after identifying a vulnerability, or Blue Agent can attempt to flag intrusions by Red Agent to test the effectiveness of an organization’s detection capabilities.
All of the agents are managed via Wiz AI Application Protection Platform (AI-APP), an umbrella offering that secures every enterprise AI layer including agents, models, infrastructure, data, and access permissions.
Reflecting on the increasing pace of AI-powered attacks, Costica argued that firms must begin to apply agents to “start using AI against ourselves as much as possible” to identify weaknesses and fix them before attackers find them.
“The goal for this year will be to automate all security processes we know, because that's the only way to go.
“So there are human automations that we've been using in industry, but I think what agents allow us to do is get to the next level of acceleration and automation of security work.”
This sentiment was echoed by deSouza in the event’s opening keynote, in which he warned that hackers have reduced the time between initial access and handoff to secondary threat groups from eight hours to 22 seconds.
Secure interoperability
A core part of the updated security offering at Google Cloud is its interoperability. The hyperscaler has partnered with firms such as Darktrace, Gigamon, and SAP to extend its out of the box security features to their platforms, and also supports end-to-end AI application protection on platforms like AWS, Microsoft Azure, and Oracle Cloud.
Customers can even extend security functions to SaaS tools such as OpenAI and custom-hosted cloud environments.
“It is a multi-cloud world, and we talk to our customers about that all the time saying every company is a multi-cloud company, and will need to continue to be a multi-cloud company,” said deSouza,
In addition to its GCP-native functionality, Wiz supports Databricks and agent platforms including AWS Agentcore, Gemini Enterprise Agent Platform, Microsoft Azure Copilot Studio, and Salesforce Agentforce.
Customers can also extend its security features to external security ecosystems such as Cloudflare AI Security for Apps, Google Cloud Apigee, and Vercel.
Expanding security agents
Alongside the Wiz-developed tools, Google Cloud also highlighted its AI agents for SecOps. These include Dark Web Intelligence, an agent announced at RSAC Conference 2026 that produces organization-specific threat profiles based on Google Threat Intelligence Group’s dark web monitoring.
DeSouza noted that Dark Web Intelligence can identify threats with 98% accuracy, a step above what was previously capable within the security industry.
“Coming up with new rules is a complex process, it can be done by humans but you have new intelligence coming out all the time,” said deSouza, adding that many organizations have thousands of security rules already in place and that adding new ones onto this list can be an overwhelming task.
Additionally, cybersecurity teams can use the Threat Hunting Agent and Detection Engineering Agent to search for active threats and novel attacks, identify gaps in their organization’s cybersecurity, and create automated detection rules based on current threats.
In total, Google Cloud’s Triage and Investigation agent processed more than five million alerts in 2025. The firm said the tool helps teams to complete cybersecurity analysis that previously took 30 minutes in just 60 seconds, using Gemini for reasoning and text generation.
Another new platform, Google Cloud Fraud Defense, is intended to build upon reCAPTCHA services to assess the legitimacy of humans, bots, and agents within business processes and commerce.
The announcements made at Google Cloud Next 2026 represent not only the sum of Google Cloud’s teams but also the innovations of Google DeepMind and the proprietary technologies Wiz relied on prior to its acquisition.
ITPro understands that Wiz uses a mix of backend models, which it chooses depending on customer use cases. But deSouza said that going forward both Google Cloud and Wiz teams would benefit from sharing notes with internal frontier model developers.
“We have an advantage here,” said deSouza.
“Our defense technologies like Wiz work with our frontier model teams, and we know in advance what the model is going to have. And so on day one, we're taking advantage of the cutting edge of defense to protect our customers.”
FOLLOW US ON SOCIAL MEDIA
Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.
You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.
UK organizations are failing to move past basic AI use-cases
Market volatility is exposing weak partnerships across the channel
AI is now a ‘standard part of the attacker toolkit’
Agent identity governance can't keeping up with adoption rates – and it’s creating a security nightmare
Systems are deterministic, people are probabilistic – AI is both, and that's a headache for cyber teams
AI agents are creating new identity security risks: 1Password wants to solve that
CISOs are keen on agentic AI, but they’re not going all-in yet
Trend Micro issues warning over rise of 'vibe crime' as cyber criminals turn to agentic AI to automate attacks
AWS CISO Amy Herzog thinks AI agents will be a ‘boon’ for cyber professionals — and teams at Amazon are already seeing huge gains
Microsoft opens up Entra Agent ID preview with new AI features
