惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
The Exploit Database - CXSecurity.com
V
Vulnerabilities – Threatpost
Google DeepMind News
Google DeepMind News
Attack and Defense Labs
Attack and Defense Labs
Webroot Blog
Webroot Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
TaoSecurity Blog
TaoSecurity Blog
I
Intezer
Application and Cybersecurity Blog
Application and Cybersecurity Blog
N
News | PayPal Newsroom
S
Security Affairs
T
Tor Project blog
P
Proofpoint News Feed
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
S
Security @ Cisco Blogs
H
Heimdal Security Blog
Hacker News: Ask HN
Hacker News: Ask HN
Help Net Security
Help Net Security
U
Unit 42
云风的 BLOG
云风的 BLOG
The Hacker News
The Hacker News
Cisco Talos Blog
Cisco Talos Blog
量子位
F
Full Disclosure
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 叶小钗
有赞技术团队
有赞技术团队
T
Troy Hunt's Blog
P
Privacy & Cybersecurity Law Blog
Forbes - Security
Forbes - Security
人人都是产品经理
人人都是产品经理
L
Lohrmann on Cybersecurity
Apple Machine Learning Research
Apple Machine Learning Research
Microsoft Security Blog
Microsoft Security Blog
博客园 - Franky
腾讯CDC
AI
AI
Last Week in AI
Last Week in AI
Latest news
Latest news
Google Online Security Blog
Google Online Security Blog
N
Netflix TechBlog - Medium
Engineering at Meta
Engineering at Meta
GbyAI
GbyAI
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
IT之家
IT之家
Martin Fowler
Martin Fowler
Blog — PlanetScale
Blog — PlanetScale
V2EX - 技术
V2EX - 技术
酷 壳 – CoolShell
酷 壳 – CoolShell

Security & Identity

Introducing k8s-aibom on GKE for automated AI bills of materials | Google Cloud Blog Contributing to U.K. financial sector resilience as a critical third party | Google Cloud Blog Meet the 33 cybersecurity startups joining the Gemini Startup Forum | Google Cloud Blog Drive proactive security, prioritize risks with Google Threat Intelligence and Wiz ASM | Google Cloud Blog Shift into high gear with agents: Securing the software-defined vehicle | Google Cloud Blog New IDC study: How Mandiant transforms security into a competitive advantage | Google Cloud Blog Google Cloud confirmed to offer a safer choice for EU public sector organizations with Dutch DPIA approval | Google Cloud Blog Cloud CISO Perspectives: How Google Cloud Security uses AI internally | Google Cloud Blog Securing agentic AI: What's new in VPC Service Controls | Google Cloud Blog Verifiable trust in the AI era: What’s new in Confidential Computing | Google Cloud Blog Choice, compliance, and collaboration: Europe’s path to open digital sovereignty | Google Cloud Blog Driving the UK’s next chapter: From AI potential to agentic reality | Google Cloud Blog Google named a Leader in IDC MarketScape SIEM 2026 Vendor Assessment | Google Cloud Blog Cloud CISO Perspectives: The 4 lessons that guided AI Threat Defense | Google Cloud Blog Powering the next era of Confidential AI Detecting and containing AI-powered threats with Google Security Operations agents Cloud CISO Perspectives: How to build an AI-ready security program for the public sector Introducing Google AI Threat Defense to help you outpace the adversary Cloud CISO Perspectives: How Google + Wiz changes multicloud strategy for CISOs Why cloud infrastructure is the foundation for digital health in 2026 Beyond source code: The files AI coding agents trust — and attackers exploit What's new in IAM: Security, governance, and runtime defense Google named a Leader in the 2026 Gartner Magic Quadrant for Cyberthreat Intelligence Technologies Introducing Agent Gateway ISV ecosystem for security and governance Cloud CISO Perspectives: At Next ‘26, why we’re multicloud and multi-AI Next ‘26: Redefining security for the AI era with Google Cloud and Wiz | Google Cloud Blog Introducing Google Cloud Fraud Defense, the next evolution of reCAPTCHA | Google Cloud Blog Next ‘26: Announcing new partner-supported workflows for Google Security Operations | Google Cloud Blog Cloud CISO Perspectives: How CISOs can pursue technical and cultural resilience (Q&A) | Google Cloud Blog Essential AI and cloud security now on by default Securing AI inference on GKE with Model Armor A Leader in Forrester Wave Sovereign Cloud Platform 2026 See beyond the IP and secure URLs with Google Cloud NGFW Cloud CISO Perspectives: RSAC: AI, security, and the workforce of the future How to build AI agents with Google-managed MCP servers RSAC ’26: Supercharging agentic AI defense with frontline threat intelligence IAP integration with Cloud Run Why context is the missing link in AI data security Welcoming Wiz to Google Cloud: Redefining security for the AI era Cloud CISO Perspectives: New Threat Horizons report highlights current cloud threats Google named a Leader in IDC MarketScape: U.S. SLG Professional Security Services Introducing the Google Cloud recommended security checklist Cloud CISO Perspectives: How Google approaches critical security topics, from fundamentals to AI Sovereignty and European competitiveness: A partnership-led approach to AI growth Cloud CISO Perspectives: New AI threats report: Distillation, experimentation, and integration Delivering a secure, open, and sovereign digital world Introducing Single-tenant Cloud HSM for more data encryption control Cloud CISO Perspectives: 5 top CISO priorities in 2026
Bringing dark web intelligence into the AI era
Brandon Wood, TJ Alldridge · 2026-03-23 · via Security & Identity

Most threat intelligence teams have plenty of data, as they’re inundated with thousands of false positives that can all too easily obscure the threats that matter most. Merely reducing the alerts can risk missing out on critical threats, so a smarter solution is needed — and Google Threat Intelligence can help.

The problem isn't a lack of data — it’s a lack of relevance. To get teams the critical data they need to make quick, accurate decisions about rising threats, we’re introducing a new dark web intelligence capability in Google Threat Intelligence. Using Gemini, it analyzes millions of dark web events daily, elevating only threats relevant to your mission and business operations, so that your team can focus on threats that matter, early in the attack lifecycle.

"Threat intelligence has evolved from being a specialized, technical function to strategically driving modern cybersecurity programs. But security organizations only realize its value when threat intelligence has clarity, contextual relevance, and organizational alignment," said Jitin Shabadu and Merritt Maxim in Forrester’s December 2025 edition of The State of Threat Intelligence.

Internal tests show Google Threat Intelligence can analyze millions of daily external events — with 98% accuracy. The new dark web intelligence capability is positioned to change how organizations gain insight into some of the hardest-to-track threats and threat actors in the world.

“In previous roles, I’ve leveraged several dark web tools and found they averaged over 90% false positives. The new dark web intelligence flips this, filtering noise and connecting dots that no human analyst could see in time. It’s the difference between reacting to a fire and putting it out before the match is struck,” said Michael Kosak, director, Threat Intelligence, LastPass.

Use deep business context and AI to move faster than the adversary

Instead of requiring your team to manually input and update keywords, our new dark web intelligence capability uses Gemini to autonomously build an organizational profile that is specific to your business operations and mission, automatically adjusting as these are modified. As you use and integrate the intelligence, the profile evolves, helping to ensure the system's context is current without the administrative burden.

Dark web intelligence can help you identify risks elevated by threat actor behavior. Consider a scenario where an initial access broker posts on an underground forum that they’re selling active VPN access to a major European retailer with $15 billion in annual revenue, and offering credentials that include access to central payroll and logistics portals.

Since many legacy tools depend on exact keyword matches for your brand name, and the broker has intentionally avoided naming the victim, security teams aren’t alerted.

The new dark web intelligence capability takes a more robust approach. It cross-references the broker’s post with your profile, recognizing the revenue bracket, geographic location, and specific portal types match a subsidiary in your retail group. It connects these dots and alerts you to the compromised entry point — before the broker finds a buyer.

To provide defenders with a true computational advantage over the adversary, we use Google’s unique vertical integration — owning the chips, compute, and foundational Gemini models to analyze massive event streams from forums, services, and technical infrastructure at a scale that would challenge legacy tools. Further, our Google Threat Intelligence Group (GTIG) analysts, who are deeply entrenched in the dark web, help provide essential context that grounds Gemini’s capabilities.

See the new dark web intelligence capabilities in action

Attending RSA Conference? Stop by Booth N6062 for a live demonstration of the new capabilities in Google Threat Intelligence and see how we’re turning dark web noise into active defense.

Check out this podcast for more discussion on dark web intelligence.

Posted in