Date: 2023-08-29

Google Cloud today previewed new AI-enhanced capabilities for its Chronicle and Mandiant offerings: Duet AI in Mandiant Threat Intelligence, Duet AI in Chronicle Security Operations, and Duet AI in Security Command Center. The preview was part of a larger group of generative AI-related announcements made at the Google Cloud Next event.

Duet AI in Mandiant Threat Intelligence

Mandiant Threat Intelligence is built on one of the largest, if not the largest, knowledgebases of threat data, including threat actor tactics, techniques, and procedures (TTPs); indicators of compromise (IoC); incident forensics; and threat actor identification processes. The volume of data can make it difficult for security teams to properly leverage it and apply it to their circumstances.

By adding Duet AI to the mix, Google Cloud claims Mandiant Threat Intelligence can help security teams summarize information in the knowledgebase, identify the information most relevant to a given situation, and create reports that speak more directly to a target audience—for example, executive stakeholders or security operations personnel. “Security teams can now quickly understand what Google reports about the adversary, how the latest threats may be targeting their organization, and how they can make threat intelligence actionable across their organization,” said Google Cloud Security VP/GM Sunil Potti in a blog post.

Duet AI in Chronicle Security Operations

Google Cloud first announced generative AI capabilities for Chronicle Security Operations at this year’s RSA conference. Those capabilities were focused on improving threat detection, investigation, and response by simplifying data analysis.

Duet AI in Chronicle Security Operations offers similar capabilities. Specifically, Google Cloud claims it automatically generates summaries about ongoing incidents, providing context and recommendations for remediation. Duet also allows defenders to enter natural language queries into Chronicle. Duet automatically translates them into Chronicle’s syntax, allowing lower-skilled personnel to be more effective.

Duet AI in Security Command Center

AI-enhanced attack path simulation capabilities for Security Command Center were also first introduced at RSA Conference 2023. Today’s announcement builds on that by using Duet AI to provide “near instant” analyses of attacks and identify possible attack paths. “By reducing toil through summarizing threat criticality, implications, and recommended remediations, Duet AI in Security Command Center can help ensure they do not overlook critical findings,” Potti said.

Real human threat intelligence

Google Cloud also announced a new service that isn’t AI-enhanced: Mandiant Hunt for Chronicle. It provides Mandiant personnel to do threat hunting on top of the Chronicle environment, and is intended to augment in-house security teams. “[Mandiant Hunt] integrates the latest insights into attacker behavior from Mandiant’s frontline experts with Chronicle Security Operations’ powerful ability to quickly analyze and search security data,” Potti said. “Mandiant Hunt for Chronicle can help organizations close the skills gap and gain elite-level support without the burden of hiring, tooling, and training.” Mandiant Hunt is currently in preview.