Symantec is teaming up with Google Cloud to embed generative AI (gen AI) into the Symantec Security platform in a phased rollout for detecting, understanding, and remediating sophisticated cyber-attacks.

Symantec is leveraging the Google Cloud Security AI Workbench and security-specific large language model (LLM) - Sec-PaLM 2 - across its portfolio to enable natural language interfaces and generate more comprehensive and easy-to-understand threat analyses.

With Security AI Workbench-powered summarization of complex incidents and alignment to MITRE ATT&CK context, security operations centre (SOC) analysts of all levels can better understand threats and be able to respond faster. That, in turn, translates into greater security and higher SOC productivity.

Symantec Cloud Secure Web Gateway (SWG) and Cloud Access Security Broker (CASB) were recently migrated onto Google Cloud.

As part of the partnership, Symantec shared query language samples with Google Cloud to help its Sec-PaLM 2 LLM better interact with its specific systems - resulting in improved workflows. Symantec’s Global Intelligence Network provides deep visibility into threats and customers will be able to leverage this telemetry more effectively with advances in gen AI.

This initial phase of gen AI adoption requires no updates on products or processes and uses Symantec’s existing externally facing sites. Existing customers can benefit from the enhanced security provided by new features now available for Symantec solutions:

• Rapid access to enhanced and descriptive threat descriptions
• Easy-to-understand descriptions of the actions performed by malicious scripts and complex machine code (assembly variants - Intel, ARM, etc.)
• Increased performance and throughput to identify malicious binary files
• Closed loop systems that ensure all output is vetted by a human analyst