What is Google's Sec-PaLM?
Google's answer to Security Copilot
Hey Guys,
So I’ve been thinking a lot more about the impact of A.I. in cybersecurity, data-privacy regulation with regards to ChatGPT, its impact on the future of law itself and how we might be able to regulate it.
So Microsoft thinks it can leverage GPT-4 for a Copilot experience everywhere, Google has the same approach to leveraging PaLM.
Generative AI for cybersecurity is just in its infancy and it’s a battle of Cloud giants.
At the RSA Conference 2023 yesterday on April 24th, 20223, Google announced Cloud Security AI Workbench, a cybersecurity suite powered by a specialized “security” AI language model called Sec-PaLM. An offshoot of Google’s PaLM1 model, Sec-PaLM is “fine-tuned for security use cases,” Google says — incorporating security intelligence such as research on software vulnerabilities, malware, threat indicators and behavioral threat actor profiles.2
We know that Google is working on dozens of A.I. products to take on Microsoft and its threat to its search (advertising) empire and monopoly. As the advertising duopoly is under pressure by Amazon and ByteDance in ads, Microsoft and Apple see a huge opportunity as better walled gardens to move in for the kill.
Cloud Security AI Workbench spans a range of new AI-powered tools, but Google does not have the deep experience in cybersecurity Microsoft does. However, let’s think about this, Google purchased3 Mandiant in 2022 for $5.4 billion. Generative A.I. is like watching an A.I. arms race or AI supremacy contest in the Cloud.
Mandiant’s Threat Intelligence AI within Google Cloud, just got a significant upgrade. Sec-PaLM has already faced down hundreds of the most advanced cybersecurity threats and relies on this experience to prevent the same attacks succeeding elsewhere. According to Google, it combines the company’s “world-class threat intelligence” with advanced incident analysis to stop malware infections in their tracks.
What is Sec-PaLM?
Sec-PaLM it’s a linguistic model (LLM) who has been trained through the knowledge of Mandiant on vulnerabilities, malware, threat indicators and malicious agent profiles. A database of billions of entries that make this AI in cybersecurity expert.
I’ve been bullish on LLMs trained on proprietary data and knew that we’d be seeing some of them in 2023 and 2024. This is fairly good example of that.
It’s pretty neat: Generative A.I. can unlock a lot of value in cyber-defense at a time when there is a significant lack of cybersecurity professionals in the labor force vs. the demand. Mandiant Breach Analytics for Chronicle is based on years of accumulated threat intelligence from Google’s Mandiant team and can automatically alert customers to ongoing, active security breaches. It leans on Sec-PaLM to help contextualize and respond immediately to such attacks.
But just like Security Copilot, this also enables cybersecurity professionals to be upgraded with A.I. in that all too familiar buddy-system formula. Sec-PaLM will assist customers of Chronicle, Google’s cloud cybersecurity service, in searching security events and interacting “conservationally” with the results. Users of Google’s Security Command Center AI, meanwhile, will get “human-readable” explanations of attack exposure courtesy of Sec-PaLM, including impacted assets, recommended mitigations and risk summaries for security, compliance and privacy findings.
Fair enough, but relevant. I’m looking forward to Google’s I/O event because I’m expecting to hear some A.I. swag of new products. Alphabet cleary wants to get this all right. Because it if doesn’t it will hurt Google Cloud growth vs. Azure.
If you consider that VirusTotal Code Insight, the first tool in the Cloud Security AI Workbench, is only available in a limited preview at the moment, this is all a very ne play for Google.
Thirteen years since Google Authenticator was released, it’s getting a vital upgrade. I think Microsoft’s Security Copilot and Google’s Sec-PaLM are evidence that A.I. is only getting more involved and actionable in lucrative and important industries like cybersecurity. Sec-PaLM is still somewhat untested and we don’t actually know much about it or its efficacy in the real world.
Google is trying to tell us that its Security AI Workbench’s capabilities are getting better and you presume it has done its due diligence. But time and the market will tell.
”Supercharging” everything with Generative A.I. is not going to be great, across the board. There is a lot of hype in the Cloud Wars fighting over lucrative cash-cows like Search advertising.
It would be much better if there were new players in the game. But even those tend to be back by the super-powers, such is the fallacy of innovation in Silicon Valley where monopoly capitalism winners buy even the pawns entering the board. So much for a startup meritocracy in search, and increasingly more and more use-cases.
Google was badly late to the cloud and Google Cloud is basically burning cash trying to catch Azure and AWS. You cannot blame them for trying but its all a bit lame as their advertising duopoly won’t last forever. Google and Meta are very poorly diversified companies when compared to Apple or Microsoft, or even Amazon for that matter. Amazon has been increasing their ads revenue in leaps and bounds and I don’t see why Microsoft or Apple won’t succeed soon in doing the same thing.
All that being said, PaLM is only going to get better.
Cloud giants will just pick and choose the best Generative A.I. and Quantum computing companies that add value to their positioning. It’s a bit unfortunate. Knowing this, Anthropic AI will be farmed by Google the way OpenAI has been farmed by Microsoft, even with GPT-5 in regulatory limbo.
https://ai.googleblog.com/2022/04/pathways-language-model-palm-scaling-to.html
https://security.googleblog.com/2023/04/google-authenticator-now-supports.html
https://techcrunch.com/2022/09/12/google-closes-5-4b-mandiant-acquisition/