Name: Security Analyst Diaries - EP2: Context-Aware Detections
Start: 2022-03-18T19:15:00Z
End: 2022-03-18T19:15:17.000Z
Location: BrightTALK
Rating: 5

Transform your cybersecurity with frontline intelligence, modern security operations and AI-powered cloud innovation.

Join Anton Chuvakin (Google Cloud Office of the CISO) and Allie Mellen (Forrester) as they explore the ongoing shift in Security Operations Centers driven by agentic AI. They'll start the conversation by examining the differences between single, task-specific AI agents and agentic systems that move the discussion beyond mere automation to autonomous defense. You'll also gain insights into practical realities of adoption, non-negotiables for a truly "AI-Ready SOC” and key metrics for success. If you are eager to understand how your role will transform in the SOC of the future, be sure to tune-in!

The Agentic SOC: Humans, Agents, and the Future of Defense

Cyber threats are constantly evolving. Learn how to stay ahead of them in 2026 with security expert Andrew Kopcienski.

Join this deep-dive session based on the Cybersecurity Forecast 2026 report, where Andrew will cover key trends and insights to help strengthen your cyber defenses in the year ahead, including:

- The AI Arms Race: How generative AI is being used by both attackers and defenders.
- Nation-State Threats: A deep dive into activity from the "Big Four"—China, Russia, North Korea, and Iran.
- The Cybercrime Economy: The latest tactics in ransomware, extortion, and cyber crime operations
- Regional Intelligence: Exclusive insights and predictions for the JAPAC and EMEA regions.

Google Cloud Cybersecurity Forecast 2026

The massive growth of non-human/agentic identities creates an exploding attack surface, with most identities over-permissioned. The rise of agentic AI amplifies this risk, introducing vulnerabilities like "confused deputy" and prompt injection that expose privileged data. Securing the entire AI supply chain demands a shift away from broad, static service accounts.

This webinar details how to protect your AI innovation with Google Cloud's comprehensive, "identity-first" security stack. We'll explore a platform based on robust IAM and resource management. We will show you how to secure the entire AI lifecycle without static keys using Workload Identity for a strong, attestable identity for every component. To counter agent intent risks, we introduce a vision of ephemeral, just-in-time identities. These capabilities, combined with Gemini-powered tools, help maintain a strong security posture, improve permissions hygiene, and build defense-in-depth for your AI workloads.

What you will learn:
> How to manage the explosion of non-human identities with a modernized, identity-first security stack and federated authentication.
> The critical role of Universal Workload Identity in creating a verifiable chain of trust without static keys.
> Strategies to mitigate novel AI risks like the "confused deputy" by moving towards ephemeral, just-in-time identities that secure an agent's intent.
> How to build defense-in-depth using a full suite of access management controls (IAM Allow/Deny, PAM, Principal Access Boundary).

Join us to learn how to leverage Google Cloud IAM to secure your entire AI ecosystem and innovate with confidence.

Security Foundation: How to secure your agents with an identity-first approach?

As organizations adopt cloud, a critical decision is whether to use security controls from the Cloud Service Provider (CSP) or a third-party vendor. Join Melinda Marks, Practice Director, Cybersecurity, ESG, to review data showing 73% of organizations prefer native cloud service provider (CSP)  security solutions. We'll explore the primary drivers for this preference—including optimization and ease of deployment with cloud native security providers. We will also examine the top desired capabilities that are crucial for streamlining security in multi-cloud environments.

What You Will Learn:
> Why nearly three-quarters of organizations favor security products directly from their CSPs.
> The top factors influencing organizations to adopt cloud-native security solutions.
> The critical need for deployment flexibility and integrated workflows to support modern development and response processes.

Join us to discover how Google Cloud built-in security controls deliver foundational security for cloud environments including the optimization, ease-of-use, and efficiency that organizations overwhelmingly demand from their cloud security provider.

Security Foundation: Why three-quarters of organizations prefer cloud-native security products?

The cybersecurity skills shortage impacts organizations globally, with 65% reporting increased workloads, difficulty filling positions, and burnout leading to attrition. These challenges heighten vulnerability to attacks and strain security operations.

This session highlights how Google Cloud’s partnerships with managed security service providers like Optive address these gaps. Discover how modern Security Operations Centers evolve from disparate tools and alert fatigue to AI-first, context-driven solutions that empower analysts.

· Enhancing analyst effectiveness with SOAR and AI capabilities
· Transitioning from needle-in-haystack detection to context-rich operations
· Real-world applications of Google SecOps in managed detection and response

Learn how cloud partnerships overcome staffing challenges and deliver effective security, enabling organizations to focus on innovation without compromising protection. Watch the webinar for insights.

Support and Grow Your Security Operations with Google Cloud and Optiv

In the world of digital advertising, protecting data is a top priority, especially as you work with customer information and campaign performance metrics. Confidential computing provides a powerful solution for protecting data while it's being processed, in addition to strengthening data protection at rest and in motion. It uses isolated, hardware-enforced environments called Trusted Execution Environments (TEEs) to ensure your data remains protected even from the cloud provider itself. This technology is already being used in Google Ads to enable "confidential matching," which lets you securely match your first-party data with Google's data to build audiences without exposing raw user information.

In this webinar, you will learn how to:
> Understand the security benefits of confidential computing for your Google Ads campaigns.
> Leverage confidential matching to create audience segments from your first-party data while strengthening privacy and security.
> Gain insights into the key technical guarantees that strengthen your data protections.

Register now to empower your organization to safeguard its most valuable assets in the cloud and on Google's advertising platform.

Security Foundation: How Google Ads customers collaborate with confidence?

The cybersecurity skills shortage isn’t improving, with 65% of organizations telling Enterprise Strategy Group (ESG) they are significantly or somewhat impacted. Another 65% of folks said being a cybersecurity pro is more difficult due to the growing attack surface, exacerbated by a dwindling security workforce.
 
This shortage results in an abundance of challenges, including high burn-out rates on existing staff, an inability to utilize security tech to its full potential, and an increased reliance on managed security service providers (MSSPs) to fill the gap.
 
This webinar centers on this last item, in which Tony Palmer, ESG Practice Director of Validation Services, and Travis Lanham, Uber Tech Lead of Security Operations at Google, will walk you through how MSSPs help organizations fill their cybersecurity skills gaps.
 
Join now to learn how Google Cloud supports MSSPs in delivering turnkey security solutions that accelerate your time-to-security, upskill your SecOps teams with AI and automation, and institute advanced threat intelligence to proactively uncover business risks.

Intel-driven SecOps: How Google & MSSPs Close the Cybersecurity Skills Gap

Today’s cyberattacks require rapid detection and response to prevent a full-blown data breach or ransomware extortion. Generative AI’s arrival and rapid development gives security operations teams a new tool to more efficiently and comprehensively gather attack intel – and even more importantly, stage a swift and well-crafted response to an attack. In this panel discussion, SecOps and AI experts share insights and recommendations for blending AI with security operations and incident response.

Specific topics include:
 - Current & future use-cases for AI in SecOps
 - How adversaries are using AI
 - AI skills for the SOC
 - Recommendations and best practices for implementing AI in the SOC

AI Joins the SOC

AI is rapidly transforming the technological landscape, but this evolution brings a new set of security challenges. As organizations increasingly integrate AI into their operations, it is crucial to understand the unique risks involved and implement robust security measures. This webinar will explore the dual nature of AI as both a powerful tool for security and a potential vector for sophisticated attacks. We will delve into the essential strategies and solutions needed to protect your AI systems in the cloud, ensuring your organization can innovate responsibly and securely.

What You Will Learn:

> The fundamental differences between securing traditional applications and securing AI systems. 
> Key challenges in AI security, including its non-deterministic nature , the rapid pace of development , and the importance of data privacy.
> Strategies for discovering where AI is being used within your organization to address the "shadow AI" problem. 
> The necessity of collaboration between security teams, data scientists, developers, and legal teams to create a comprehensive AI security posture. 

Don't miss this opportunity to learn how to navigate the complexities of AI security and equip your organization with the knowledge and tools needed to thrive in this new era.

Securing AI in the Cloud: Best Practices and Solutions

AI agents promise to reduce toil and help security teams drive outcomes faster by working 24/7 with little human intervention. But can AI agents deliver? 

This session covers what the agentic SOC of the future looks like, and previews how AI agents in Google Cloud Security products will help teams reduce time spent on manual tasks so they can focus on complex and novel issues. We'll then demo how you can use Google Cloud Security MCP servers and other technologies to build your own AI agents. This technical demo will guide you through how to use technologies like AgentEngine, Agentspace, and Agent Development Kit to develop and deploy AI agents for security workflows.

The Agentic SOC of the Future and AI Agents Today

The future of security is intelligent and agentic. In this webinar, we'll move beyond the hype and demonstrate the reality of agentic AI capabilities within Google Security Operations. We will specifically explore the power of our AI agents for alert triage and malware analysis. Then we'll break down their functionality with tangible examples of how they're transforming daily SecOps workflows.

We'll also briefly introduce our transformative vision for the agentic SOC, hinting at a future where intelligent agents work alongside human analysts to automate routine tasks, improve decision-making, and ultimately enable a greater focus on complex threats.

How AI Agents are revolutionizing the Modern SOC

The shift to cloud environments, particularly Google Cloud, introduces unprecedented agility and scalability, but also complex challenges in maintaining robust security and compliance. This session dives deep into the critical aspect of governance, addressing how organizations can establish and enforce effective controls to mitigate risks and ensure alignment with business objectives and regulatory mandates. We will move beyond theoretical concepts to explore practical, technical implementations within Google Cloud, empowering security professionals to design, implement, and maintain a secure and compliant cloud posture.

What you will learn:
> Understand the key components of a comprehensive access governance framework on Google Cloud, including defining policies, roles, and responsibilities, and leveraging cloud-first controls for policy enforcement.
> Explore practical techniques for implementing access such as Identity and Access Management (IAM) best practices (e.g., least privilege, security keys, service accounts), Organization Policies, and Security Command Center for continuous monitoring and audit.
> Discover how to leverage Infrastructure as Code (IaC) with tools like Terraform, automated policy enforcement, and security orchestration to streamline governance workflows and reduce manual effort in your Google Cloud environment.

Join us to gain actionable insights and technical expertise to master governance in your Google Cloud security journey and build a resilient and compliant cloud architecture.

Security Foundation: Your Cloud Journey to Least Privilege - From Zero to Secure

Enterprise Strategy Group survey data shows us that 99% of organizations are reporting that AI is improving employees productivity and job satisfaction. This is true across security operations (SecOps) as well, where AI-fueled threat detection, threat intelligence, and SIEM can level-up your proactive security posture.

Dave Gruber, Principal Analyst of Ransomware, SecOps & Services at ESG, and Wendy Willner, Product Manager, Google SecOps, unpack the trends, practical use cases, and applications for AI in SecOps.

Join this webinar to learn more about:
 - The current state and future trends of Security Operations
 - How SIEM and AI technology are transforming the SOC
 - The implications of rapidly evolving AgenticAI in security

The Future of SecOps in AI-World

In an era where web properties are the primary venue for consumer transactions, businesses face the persistent challenge of fraud and abuse from cybercriminals, often eroding thin margins and profits. Join guest speaker Frank Dickson, IDC's Group Vice President, Security and Trust, for a comprehensive discussion on the newly released 'The Business Value of Google reCAPTCHA' whitepaper.

This webinar will delve into the critical findings of IDC's research, showcasing how organizations are leveraging Google reCAPTCHA to achieve significant returns on investment and protect their digital assets and enhance user experiences.

What you will learn:

> How Google reCAPTCHA helps organizations achieve an average annual benefit of $5 million per organization and a three-year ROI of 545%.
> Strategies to cost-effectively enhance website and application security operations to mitigate business risk.
> Ways to reduce fraudulent accounts, bot attacks, and account takeovers.
> Insights into improving business results and increasing annual net revenue through enhanced security measures.

Join us to discover how Google reCAPTCHA can help your organization enhance security, reduce fraud, and drive significant business value.

Unlocking ROI: The Business Value of Google reCAPTCHA

Building on the principle that "with great power comes great responsibility," this webinar focuses on empowering your AI deployments with robust data protection. Discover how confidential computing and confidential accelerators provide an unparalleled shield for sensitive data and algorithms, ensuring they remain protected even while in use. We'll demonstrate how to leverage this transformative technology to secure your AI workloads across their entire lifecycle, from development to deployment.

In this webinar, you will:

> Discover mechanisms that safeguard your sensitive data even while it's being processed, a critical vulnerability point for traditional security measures.
> Learn how specialized hardware enhances security for AI workloads and other data-intensive applications, providing a robust layer of protection.
> Gain actionable insights into applying confidential computing to protect your sensitive models, training data, and inferences throughout the AI lifecycle.

Join us to establish a strong security foundation for your sensitive data and AI initiatives.

Security Foundation: How to safeguard sensitive data with Confidential Computing?

A robust foundation of baseline security controls is paramount for a strong cloud security posture. We’ll share how Google Cloud’s Security Foundation and shared fate operating model can help  you to comprehensively secure your infrastructure, applications, and data.

In this session, we will focus on how secure enterprise blueprints help you build a layered defense architecture and maintain a secure and well-managed cloud environment. We will explore practical steps to leverage these blueprints for securing your infrastructure, applications, and data effectively across your cloud adoption journey.

Join us to understand how to get started with these blueprints to safeguard your assets throughout your cloud journey.

Security Foundation: How to get started with secure enterprise blueprints?

AI offers organizations unprecedented opportunities for innovation and growth. However, this powerful technology also introduces a new spectrum of risks and challenges. As enterprises increasingly adopt AI, understanding and mitigating these security challenges is paramount. Watch this webinar to learn how you can build safe and secure AI.

Learn about:
> The shift from security "certainty" to "probability" in a non-deterministic AI world.
> How AI adoption exacerbates existing security challenges like data governance and application security.
> The amplified identity and access management (IAM) challenges presented by agentic AI.
> The nuanced approach to AI red teaming, encompassing safety, toxicity, and traditional security testing.
> Practical starting points for organizations embarking on their AI security journey.
> A look into the future of AI security, including the critical role of data provenance and integrity.

Join guest speaker Jeff Pollard, VP Principal Analyst at Forrester, and Google Cloud experts Naveed Makhani, Product Lead for AI Security, and Anton Chuvakin, Advisor at Google Cloud Office of the CISO as they discuss the evolving AI threat landscape and provide actionable strategies for building robust AI security.

How to Build Safe and Secure AI Applications

With context-aware detections in Google Chronicle, Google’s cloud-native SIEM, all the supporting information from authoritative sources (e.g. CMDB, IAM, and DLP) including telemetry, context, relationships, and vulnerabilities are available out of the box in one rule. Google Chronicle customers can now incorporate context earlier in the detection authoring and execution workflow, enabling them to:
 
 - Enhance fidelity of alerting: Enabling analysts and detection engineers to filter out entire clusters of threats that may be expected or represent little-to-no danger to the enterprise.

- Prioritize threats with risk scoring: Making relevant context available for heuristic-driven contextual risk scoring of detections at detection execution time rather than at the human triage stage.

- Respond to alerts faster: Enables them to respond to alerts faster by giving them a graphically integrated and interactive way to view context information from inside the alerts page.

In this diary entry, we’ll recap the basics of Chronicle’s context enrichment, drill into the new capabilities this release provides, and cover some examples of how Chronicle users have been using these capabilities so far.

You can also learn more by reading the blog here: https://chroniclesec.medium.com/security-analyst-diaries-2-detect-alert-respond-context-is-key-everywhere-in-security-operations-1f7b9be0f7c3

Security Analyst Diaries - EP2: Context-Aware Detections

Risk Mitigation

SecOps

Threat Analysis

Threat Detection

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

The storage community on BrightTALK is made up of thousands of storage and IT professionals. Find relevant webinars and videos on storage architecture, cloud storage, storage virtualization and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Storage

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Security Analyst Diaries - EP2: Context-Aware Detections

Presented by

About this talk

Google Cloud Security