The Gately Report: Google, Threat Intelligence Provider Mandiant 'Powerful' Force Against Cybercriminals

It’s nearly a year since Google completed its acquisition of cyber threat intelligence provider Mandiant, and it’s already proving to be a “powerful” combination in the fight against cybercriminals.

That’s according to Eric Doerr, Google’s vice president of engineering for cloud security. We spoke with him at last week’s massive Google Cloud Next in San Francisco.

Google’s Eric Doerr

During the conference, Google announced numerous security enhancements, including Duet AI in Mandiant Threat Intelligence, Mandiant Hunt for Chronicle, and more.

“I think we’ve made a lot of great progress bringing together the two companies,” Doerr said. “The thesis was quite simple that the combination of amazing expertise and threat intelligence, and some of the tremendous technology that Mandiant had built, combined with the resources and technology, and systems that Google had, would be a powerful combination together. There’s a lot that we’ve done in the last year and of course, a lot more we’ll do in the next year.”

Frontline Threat Intelligence

When Google sees a new threat, it can automatically block that inside of a customer’s environment within 30 minutes, Doerr said.

“That’s a Mandiant piece of technology that started with the frontline intelligence,” he said. “I’m on the ground at some customer site. I see something scary. I reverse engineer it, figure out what it is, put it in our database, and now we pipe it over and start seeing if it matches against customers. That is an integrated scenario. That’s something Mandiant couldn’t have done standalone, and it’s something Google couldn’t have done standalone. It made sense for that to be together. We bring together this mix of the breadth and depth of visibility that Google has across the whole internet, and the depth and breadth of visibility that Mandiant brings from helping customers in the worst of the worst breaches, and it really comes together into a powerful connection that can really help people protect themselves.”

Chronicle CyberShield is another fusion of “everything that makes Google great and everything that makes Mandiant great,” Doerr said.

“We built this originally with the the Israeli National Cyber Security Directorate,” he said. “These are the people who are in charge of defending Israel and the private sector in Israel. It has been a great collaboration. It’s now running, defending Israel, and we packaged that up now as a solution. So now we’re in talks with a number of other governments around the world who are saying hey, I have the same problem, I need the same kind of thing. And so it’s really another powerful example where you can take the special sauce of Mandiant, and the scale and power of Google, and bring it together into something that’s holistic. We’re giving you something that works end to end, that is designed to work end to end, but is still customizable to you because everybody’s a little different and everybody’s needs are a little bit different.”

Scroll through our slideshow above for more from Doerr and more cybersecurity news.