Google Cloud has introduced Google AI Threat Defence, a new AI-driven cybersecurity framework designed to help organisations detect, prioritise, and remediate increasingly sophisticated AI-powered cyber threats.

The launch comes amid growing concerns that cybercriminals are leveraging artificial intelligence to accelerate attacks, identify vulnerabilities faster and automate malicious activities at machine speed. According to Google, traditional manual security operations are no longer sufficient to keep pace with modern AI-assisted attacks, which can now be executed within hours or days instead of weeks.

Google AI Threat Defence combines the capabilities of Gemini and other frontier AI models with threat intelligence and security technologies from Mandiant, Wiz and CodeMender. The platform is designed to automate vulnerability analysis, prioritise critical risks, generate remediation recommendations and continuously monitor systems for emerging threats.

The company said the solution aims to help organisations move from reactive cybersecurity operations toward a more autonomous and predictive defence model.

“AI is rewriting the rules of cybersecurity,” Google stated, highlighting that the new framework applies large language model (LLM)-powered analysis to autonomously discover software flaws, validate risks and accelerate vulnerability remediation workflows before exploits can occur.

Unlike conventional security tools that often generate large volumes of unprioritized alerts, Google said AI Threat Defence focuses on contextual risk prioritisation and verified remediation guidance to improve operational efficiency for security teams.

The framework is built around a four-step cybersecurity approach consisting of preparation, scanning and prioritisation, remediation and continuous monitoring.

Under the “Prepare” phase, organisations can harden infrastructure and establish workflows for machine-speed threat response. The “Scan and Prioritise” stage leverages AI-driven posture validation and deep system analysis to identify critical vulnerabilities. During “Remediation,” the platform autonomously verifies and accelerates patch deployment, while the “Monitor” stage supports continuous threat detection and active response playbooks.

Google also highlighted its broader cybersecurity heritage, including its secure-by-default cloud architecture, Zero Trust security model, Titan security chips and Google Security Operations platform. The company claims its infrastructure currently blocks approximately 10 million spam emails every minute while protecting billions of users and enterprise customers globally.

The launch reflects a wider industry shift toward AI-native cybersecurity systems as enterprises increasingly seek automated methods to combat high-speed attacks, reduce vulnerability exposure and manage growing volumes of security data.

As generative AI continues to reshape both offensive and defensive cybersecurity strategies, platforms such as Google AI Threat Defence signal the emergence of autonomous security operations as a critical focus area for enterprises worldwide.