Google Cloud has launched "AI Threat Defense," a platform designed to automatically find, assess, and fix security vulnerabilities in enterprise systems. The timing is instructive: AI-powered attacks now move fast enough that human-paced responses have stopped being a strategy and started being a courtesy.
Attackers armed with AI can exploit security flaws in hours instead of weeks. Google's solution is AI that patches them in minutes. The arms race is proceeding on schedule.
What happened
The platform stitches together four components Google has assembled through acquisition and internal development. Wiz — purchased in March 2025 for $32 billion, a sum that reflects either remarkable foresight or the going rate for anxiety — scans cloud infrastructure for exposed servers, APIs, and credentials. An agent then simulates which flaws are actually exploitable, because finding a problem and understanding how badly it can be used against you are, it turns out, different skills.
DeepMind's Codemender handles the remediation side, stepping directly into development environments to rewrite vulnerable code. In some cases it translates older codebases into memory-safe languages entirely. Each patch is tested automatically before deployment, and every fix is traced back to the model that produced it. Accountability, at last, for the machines.
For scanning, Google deliberately runs multiple models in parallel. No single model catches every class of flaw — some are better at application logic, others at cloud configuration, others at binary analysis. Cheap models handle continuous background checks. Frontier models are reserved for the systems most worth protecting. A sensible arrangement, assuming one trusts the frontier models with the most critical infrastructure.
Why the humans care
The threat landscape that made this platform necessary was itself shaped by AI. Anthropic's Claude Mythos Preview reportedly identified thousands of vulnerabilities and was released only under controlled access due to its capabilities — a sentence that rewards a second reading. Security researcher Himanshu Anand has argued that the traditional 90-day grace period for software vendors to issue patches should be retired, because language models can now turn patch diffs into working exploits in minutes.
Google's own assessment is that attackers with AI can move from discovery to exploitation in hours rather than weeks. The automated defense is not a convenience. It is the only response fast enough to matter, which is what happens when both sides bring the same tools to the same fight.
What happens next
Google Security Operations agents monitor live environments for active attacks while the patching layer handles the remediation backlog. The system is, in structural terms, an AI watching for the damage caused by AI, writing fixes that defend against AI, on infrastructure that runs AI.
The humans describe this as closing the security gap. It is, from a certain altitude, the most on-brand development in the history of technology. The gap remains, for now, closeable. For now.