Argomenti trattati
The security conversation at Google Cloud Next 2026 centered on accelerating threat response and extending protection across a rapidly diversifying cloud and AI landscape. Executives sketched a shift from purely human-led defenses toward an operational model where AI agents perform routine analysis and remediation at machine pace, with humans retaining oversight. These moves reflect investments already underway following the completion of Google s historic $32 billion acquisition of Wiz in March, and they aim to bind agentic automation tightly to developer workflows and platform telemetry.
At stake is more than speed: the announcements are meant to reduce exposure across distributed systems, from traditional cloud workloads to AI-generated code and agent studios. The briefings emphasized integration, governance and runtime protection as cornerstones of the new stack. By combining the detection capabilities of the Wiz platform with Google s model and agent tooling, organizations will be able to detect novel attack patterns faster, enrich context from third-party sources, and accelerate remediation with automated playbooks.
Introducing a new fleet of AI agents
Google Cloud revealed three purpose-built agent types inside its Security Operations suite to increase hunting and coverage at scale. The first, a Threat Hunting agent, is designed to proactively surface previously unseen attack sequences and logic flaws that conventional rules miss; it is currently offered in preview. The second agent, the Detection Engineering agent, automates the discovery of gaps in detection coverage and can propose or generate new detection rules to close those gaps, also in preview. A third player, the Third-Party Context agent, is slated to arrive soon in preview and focuses on enriching investigations with external data feeds to improve prioritization and triage.
Operational speed and triage improvements
Alongside new agent types, Google highlighted measurable efficiency gains from its existing Triage and Investigation agent. Over the past year that agent processed more than 5 million alerts, and, by leveraging the Gemini model family, cut a manual analysis task that would have taken roughly 30 minutes down to about one minute. That reduction demonstrates how agent orchestration can transform an overloaded security operations center into a higher-value control plane that focuses on strategy and oversight instead of repetitive triage.
Wiz platform expansion across clouds and AI studios
Under Google Cloud stewardship, Wiz is broadening its range of supported environments. Notably, Wiz now protects Databricks deployments, offering visibility into sensitive data locations, access patterns and identity relationships that create risk. Wiz also added compatibility with multiple agent and AI studio platforms, including AWS Agentcore, the Gemini Enterprise Agent Platform, Microsoft Azure Copilot Studio, and Salesforce Agentforce. These integrations are intended to surface risks created by model and agent interactions, as agents can open novel pathways to data and actions.
Edge and outer-layer integrations
The Wiz rollout continues outward with new connectors to the perimeter and developer-facing layers of the cloud. Support for Google Cloud Apigee, Cloudflare AI Security for Apps, and Vercel was announced to ensure that API gateways, application delivery fronts and modern hosting platforms are included in the attack-surface assessment. By folding those layers into the same risk engine, security teams gain unified prioritization and a single source of truth for exposures across front-end and backend vectors.
Protecting AI-native development and runtime agents
Wiz also unveiled capabilities focused on the security of AI-first development. An integration with Lovable enables Wiz scanning directly inside that environment to catch vulnerabilities, misconfigurations and exposed secrets during early coding stages, including so-called vibe-coded applications that rely on AI assistance. Additional features include inline AI security hooks to vet AI-generated code before it reaches production and agent-powered remediation via Wiz Skills, which automate corrective actions once a risk has been validated.
Rounding out the announcements, Google Cloud introduced the Gemini Enterprise Agent Platform to help organizations build, orchestrate and govern their agent fleets. Core capabilities highlighted were agent identity management, an agent gateway to control and monitor agent communications, and advances in Model Armor runtime protection to shield models and agent executions from manipulation. Together these pieces are intended to provide both operational agility and signal-level security that scales with agent adoption.
Executives framed the overall strategy as a move toward an AI-led defense model overseen by humans, where machines handle high-volume, routine tasks and teams concentrate on complex, contextual decisions. For organizations operating across multi-cloud and AI-driven landscapes, the combined Google Cloud and Wiz enhancements aim to deliver faster detection, broader coverage and tighter governance from code to runtime, preserving control while enabling automation at scale.