Google has announced a new experimental AI model called “Sec-Gemini v1” to streamline workflows for cybersecurity defenders in the fight against growing threats.
Sec-Gemini v1 combines advanced capabilities from Google’s AI model Gemini with near real-time cybersecurity knowledge and tooling.
The model also extracts data from Google Threat Intelligence (GTI), the Open-Source Vulnerabilities (OSV) database, and Mandiant Threat Intelligence to deliver unmatched performance.
Why it Matters
Google sees an imbalance in the cybersecurity industry — where defenders work all day just for attackers to exploit a single vulnerability.
“As outlined a year ago, defenders face the daunting task of securing against all cyber threats, while attackers need to successfully find and exploit only a single vulnerability,” said Google in a blog post.
Sec-Gemini v1 seeks to shift the advantage back to defenders by “force multiplying” cybersecurity workflows with AI-powered tools.
“AI-powered cybersecurity workflows have the potential to help shift the balance back to the defenders by force multiplying cybersecurity professionals like never before,” Google added.
Also read: Microsoft Expands Security Copilot with AI Agents to Strengthen Cyber Defenses
Sec-Gemini v1 Performance Metric
Sec-Gemini v1 exceeds the performance of other models on key cybersecurity benchmarks due to its advanced integration of Google Threat Intelligence (GTI), open-source vulnerabilities, and other crucial data sources.
It outperforms other models on CTI-MCQ, a leading threat intelligence benchmark, by at least 11%.
It also outperforms other models by at least 10.5% on the CTI-Root Cause Mapping benchmark evaluating its ability to understand the nuances of vulnerability descriptions, identify vulnerabilities underlying root causes, and accurately classify them according to the CWE taxonomy.
It doesn’t end there. Sec-Gemini v1 was tested with cybersecurity questions and it delivered with key answers other models cannot match. The model determined that Salt Typhoon is a threat actor and provided a comprehensive description of that threat actor, thanks to its deep integration with Mandiant Threat intelligence data.
In a different response, Sec-Gemini v1 provided details about vulnerabilities and contextualized them concerning threat actors using Mandiant data.
What’s Next
Sec-Gemini v1 will be freely available to selected organizations, institutions, professionals, and NGOs for research purposes.
Interested parties are invited to request early access through a form provided by Google.
The Bottom Line
With the introduction of Sec-Gemini v1, Google aims to establish itself as a leader in the AI cybersecurity field, empowering defenders with tools to thrive above attackers.
About Author
