Skip to main content
AI & Machine LearningQuantum Computing

Google Bets on General AI Models for Cybersecurity Needs

Futuristic cybersecurity workstation with laptop and high-tech equipment in a bright, minimalist setting.

"I believe that Gemini is a terrific model for our security. You shouldn't expect to see a cyber version that's different." — Francis DeSouza

Google Cloud’s posture announced at Google Cloud Next 26

At Google Cloud Next 26, Francis DeSouza, chief operating officer of Google Cloud, said the company will not produce a separate, cyber‑focused frontier model akin to Anthropic’s Clause Mythos. DeSouza described an evolution in thinking: while early plans anticipated multiple domain‑specific frontier models, Google observed that its core models were improving across domains. He cited coding as an example — "coding is now done incredibly well by Gemini and you don't need a coding specific Gemini model" — and extended that observation to security.

Gemini3.1 Pro plus tooling: Google’s practical path

Google’s practical approach, according to DeSouza, is to pair high‑quality generalist frontier models such as Gemini3.1 Pro with the right tooling and governance rather than fragmenting effort into niche frontier models. He said Google plans to combine the latest Gemini versions with agent and platform capabilities to meet cyber defense needs, and urged enterprises to integrate strong general models into security workflows, train them with contextual data, wrap them with access controls, and embed them in automated detection, triage and response pipelines.

Wiz (now part of Google Cloud) on organizational context

Yinon Costica, co‑founder and vice president of product at Wiz, which is now part of Google Cloud, argued that defenders bring richer, organization‑specific context than attackers. Costica said feeding that context into a strong general model produces better defensive outcomes, reinforcing Google’s view that model generality plus contextualization can satisfy many operational security needs.

Anthropic’s Project Glasswing and OpenAI’s GPT-5.4-Cyber: specialized alternatives

Competing vendors are taking different tacks. Anthropic recently unveiled Project Glasswing, an initiative built around its Claude Mythos frontier AI model that Anthropic says is fine‑tuned for vulnerability detection, incident response and adversarial reasoning. The frontier model has been released to a select group of technology firms — a group that includes Google — and Claude Mythos Preview is available in Private Preview to a select group of Google Cloud customers on Vertex AI as part of Project Glasswing.

OpenAI has likewise developed a defensive variant of its flagship model: GPT‑5.4‑Cyber. OpenAI launched that model alongside an expanded Trusted Access Cyber (TAC) program that provides enterprises with curated datasets, red‑teaming tools and governance frameworks intended to help integrate GPT‑5.4‑Cyber into security operations. Both Anthropic and OpenAI emphasize domain‑specific optimizations for cybersecurity use cases such as real‑time attack pattern recognition and compliance nuance.

What this means for technologists and security teams, enterprise procurement leaders, and Anthropic and OpenAI

  • Technologists and security teams: Expect to evaluate two distinct operational templates — generalist frontier models (Gemini3.1 Pro) wrapped with contextual training, access controls and automation, versus domain‑tuned frontier models like Claude Mythos or GPT‑5.4‑Cyber that are tailored for vulnerability detection, incident response and adversarial reasoning.
  • Enterprise procurement leaders: Procurement decisions will need to weigh the tradeoffs between a single, broadly capable model plus platform tooling and governance, and specialized models paired with curated programs such as OpenAI’s TAC or Anthropic’s Project Glasswing private previews.
  • Anthropic and OpenAI: Both vendors are pursuing specialized paths — Anthropic with Project Glasswing/Claude Mythos and OpenAI with GPT‑5.4‑Cyber and TAC — positioning domain‑specific offerings as complementary or alternative approaches to Google’s generalist strategy.

Google’s position, even as it participates in Anthropic’s Project Glasswing, formalizes a strategic bet: that high‑quality generalist models, when embedded in the right operational frameworks, can meet a wide range of cybersecurity needs without a separate cyber frontier model. The practical test will play out in enterprise deployments: whether context, governance and automation layered on Gemini3.1 Pro match or exceed the defensive benefits claimed for Claude Mythos and GPT‑5.4‑Cyber in real‑world detection, triage and response scenarios.

Original story