The defenders went agentic — Google's AI hunts threats autonomously

Google launched Agentic Threat Intelligence: AI agents investigating threats autonomously.

On 20 October 2025, Google launched Agentic Threat Intelligence (ATI) — an AI-powered platform acting as a "digital teammate" for security analysts. Not a dashboard. An autonomous agent that investigates threats, correlates data, and delivers answers through conversation.

What it does

  • Analyse suspicious files — reasoning about behaviour, not just signatures
  • Correlate across data sources — OSINT, dark web, Mandiant data, VirusTotal, cloud telemetry
  • Generate investigative summaries — 4-hour analyst tasks reduced to minutes
  • Conversational interface — ask follow-ups, drill into specifics

The catch

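Agentic security tools are vulnerable to prompt injection. An agent that analyses suspicious files and pulls in OSINT and dark web content is reading attacker-controlled text, and that text can carry instructions aimed at the agent itself. The agents meant to protect you need their own protection layer.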

What to do

  1. Evaluate ATI if you're a Google TI customer.
  2. Augment SOC, don't replace it. Agents handle volume. Humans handle judgment.
  3. Ask vendors about agent roadmaps.
  4. Include AI agent security in threat models.