On May 28, 2026 Google Cloud launched AI Threat Defense, combining Gemini, Wiz, DeepMind’s Codemender and Mandiant to scan, simulate exploits and automatically generate and verify patches across enterprise systems.
Google Cloud on May 28, 2026 launched AI Threat Defense, a security platform that automatically discovers, assesses and patches vulnerabilities across enterprise systems — a response to attackers who can use stronger AI to find and weaponize flaws faster than human teams can react. The platform aims to shorten the window from discovery to remediation by automating detection, exploit simulation, patch generation and verification inside developers’ environments. This matters for software teams and security operations groups that must validate machine — written fixes and adapt incident playbooks to live code changes.
Google says AI Threat Defense is built from four main components that form an end-to-end pipeline: Gemini for code analysis, Wiz for cloud risk assessment, DeepMind’s agent Codemender to write and apply fixes, and Mandiant for real‑world incident expertise. The system moves from automated detection to exploit simulation and then to patch generation and verification, with traceability on which model produced each change.
Wiz, acquired by Google in March 2025 for $32 billion, is used to surface exposed servers, APIs, credentials and other cloud misconfigurations. Multiple AI models run in parallel because different models perform better on different tasks: lower‑cost models handle continuous checks while higher‑cost “frontier” models focus on the most critical systems. Software agents simulate exploitability to prioritize flaws that are likely to be weaponized.
Codemender, introduced by DeepMind last fall, is intended to plug directly into development workflows: it can replace vulnerable code, rewrite legacy codebases into memory‑safe languages and automatically generate tests to verify each patch. Google emphasizes that the platform keeps traceability of model outputs, and that during live incidents Google Security Operations agents will take over active threat hunting when necessary.
The launch arrives amid warnings from researchers and vendors that stronger AI models change the threat calculus. Anthropic’s internally discussed Claude Mythos Preview reportedly found thousands of vulnerabilities under controlled access, and researcher Himanshu Anand has argued that standard 90‑day vendor grace periods are untenable when exploits can be produced rapidly. Google COO Francis deSouza positioned AI Threat Defense as a step beyond tools that simply generate long alert lists.
Practical implications for builders include integrating auto‑generated patches and tests into CI/CD pipelines, validating machine‑written fixes before production, and updating incident response playbooks to handle possible agent errors and live code changes. Google named Accenture, Deloitte, Netenrich, PwC and TENEX.AI as implementation partners. Open questions remain about the long‑term reliability of automated patches and how teams will manage erroneous or unexpected code changes.
Sources
Replies (0)
No replies in this topic yet.
