In response to Anthropic Mythos, instead of launching another LLM, Google unveiled a broad push toward agentic, AI-driven defense at Google Cloud Next ‘26 to help SOC analysts as they scramble to keep up with the influx of CVEs Mythos threatens.
As Mythos promises more vulnerabilities, and reports of unauthorized access despite its limited preview emerge, Google is betting that only agents, not analysts, can keep pace with what is coming.
Google unveiled new capabilities focused on automating detection, accelerating response, and securing the increasingly messy intersection of AI, cloud, and third-party ecosystems.
Under this, the search giant announced three new agents in Google Security Operations, expanded security across clouds and AI studios with expanded Wiz integration, and the Gemini Enterprise Agent Platform that promises a defense layer against shadow AI.
Additionally, Google said it is working on simplifying permissions with modern IAM, along with a handful of improvements in Google Cloud Security.
New emphasis on agentic defense
Google’s most direct help to SOC teams comes in the form of three new AI agents embedded in Google Security Operations. These include a threat hunting agent, a detection engineering agent, and a third-party context agent.
While the threat hunting and detection engineering agents, both now in preview, aim to identify novel attack patterns and close detection gaps, respectively, the third-party context agent, set to enter preview, is designed to enrich investigations with external intelligence.
Google claimed its existing triage and investigation agent has already processed over five million alerts, shrinking analysis time from 30 minutes to roughly a minute using Gemini.
There’s also a push toward what Google calls “agentic automation,” where response actions can be triggered automatically, paired with new dark web intelligence (infused into Google Threat Intelligence) capabilities to prioritize real threats with high accuracy.
Wiz, AI-BOMs, and securing the AI development sprawl
Google has expanded its Wiz portfolio to tackle the chaos of AI development and multi-cloud risk.
Wiz is being positioned as the connective tissue across environments, supporting everything from AWS and Azure to SaaS platforms and AI agent studios.“Wiz now supports Databricks as well as new agent studios like AWS Agentcore, Gemini Enterprise Agent Platform, Microsoft Azure Copilot Studio, and Salesforce Agentforce, so customers gain visibility however their teams choose to build,” said Francis deSouza, COO, Google Cloud and President, Security Products.
Other new capabilities from the integration come in the form of inline scanning of AI-generated code, integrations directly into developer workflows, and an AI-bill of materials (AI-BOM) that inventories all AI components, including models, frameworks, and IDE plugins across an organization.
AI-BOM is targeted as a practical response to shadow AI, offering visibility into tools developers use versus what’s approved.
Securing the agentic web
Google is also aiming to have visibility into the plane where AI agents interact autonomously across systems, something it calls the “agentic web.”
To address that, it introduced Agent Identity and Agent Gateway for governance and policy enforcement, alongside deeper integrations for Model Armor to mitigate risks like prompt injection and data leakage. There’s also a reworked approach to bot and fraud detection through Google Cloud Fraud Defense, which aims to distinguish between humans, bots, and AI agents across the workflows.