Google is doubling down on cybersecurity using AI

News
By published

Whether it’s uncovering stealthy security flaws or boosting how threats are spotted, Google’s AI tools aim to rewrite the rules of digital defense.

A photo of the Google Logo filled with reclyclable items at the company's NYC headquarters building
(Image credit: Nicholas Sutrich / Android Central)

What you need to know

  • Big Sleep, Google's AI security agent, just sniffed out a hidden SQLite flaw (CVE-2025-6965) that hackers were already exploiting.
  • Google’s open-source forensics tool now runs on Sec-Gemini, making log analysis faster and threat detection sharper.
  • Google is also sharing SAIF data with CoSAI to boost research on AI security, supply chain risks, and cyber defense.

In a series of fresh announcements ahead of Black Hat USA and DEF CON 33, Google has laid out how its homegrown AI agents are already finding critical bugs, helping security teams cut down response times, and teaming up with humans in live hacker competitions.

Google’s AI agent Big Sleep, first revealed last year, has recently uncovered a security flaw (CVE-2025-6965) in SQLite that had been floating around in the wild, known only to attackers. This discovery, powered by insights from the Google Threat Intelligence Group, shows how AI can now catch bugs before they blow up.

Big Sleep was built to think like a human security expert, digging through code and spotting shady behaviors just like a real researcher would. Google also designed it to catch sneaky twists on known bugs, which are a goldmine for hackers looking to mess with modern software.

Additionally, Google’s open-source digital forensics tool, Timesketch, is getting a powerful AI boost. Backed by a new model called Sec-Gemini, the upgraded platform can now do some of the heavy lifting in forensic investigations, like sifting through logs and flagging potential threats. This means less work for analysts and much faster incident response. A live demo is set for Black Hat USA.

FACADE: Google’s secret insider threat catcher

Android logo on a phone with a padlock in the background

(Image credit: Jay Bonggolto / Android Central)

Another internal tool is stepping into the spotlight. Google will share a behind-the-scenes look at FACADE, its insider threat detection system that’s been quietly monitoring billions of daily events since 2018. It doesn’t need training data from past attacks to spot anomalies, thanks to a machine learning approach called contrastive learning.

At DEF CON 33, Google is also co-hosting a Capture the Flag (CTF) event with Airbus. Teams will get help from AI assistants to tackle a wide range of security puzzles. It’s a fresh spin that puts AI in the trenches with security pros and hobbyists alike.

Google is also putting its weight behind safer AI development. It’s donating data from its Secure AI Framework (SAIF) to the Coalition for Secure AI (CoSAI), helping fuel work around agentic AI, software supply chain security, and cyber defense. This move follows the initiative's launch at last year’s Aspen Security Forum.

And finally, next month marks the end of the AI Cyber Challenge (AIxCC), a DARPA-led competition supported by Google. The winners will show off new AI tools built to find and fix vulnerabilities in major open-source software, a major step forward for proactive digital defense.

Jay Bonggolto
Jay Bonggolto
News Writer & Reviewer

Jay Bonggolto always keeps a nose for news. He has been writing about consumer tech and apps for as long as he can remember, and he has used a variety of Android phones since falling in love with Jelly Bean. Send him a direct message via Twitter or LinkedIn.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.