Apr 07, 2025 13:00:00

Google announces 'Sec-Gemini v1,' an AI model specialized for cybersecurity

An experimental cybersecurity model called Sec-Gemini v1 , which combines the advanced capabilities of Google's AI chatbot

Gemini with cybersecurity knowledge and tools, was announced on April 4, 2025. By providing Sec-Gemini v1 free of charge for research purposes, Google aims to foster strong collaboration and improve defense capabilities across the cybersecurity community.

Google Online Security Blog: Google announces Sec-Gemini v1, a new experimental cybersecurity model
https://security.googleblog.com/2025/04/google-launches-sec-gemini-v1-new.html

In a security blog about Internet security and safety, Google announced a new experimental AI model, Sec-Gemini v1, focused on advancing the frontier of cybersecurity AI. According to Google, in cybersecurity, defenders face the difficult task of defending against all cyber threats, while attackers only need to find and exploit one vulnerability, creating a fundamental asymmetry. Therefore, Google says that by leveraging AI in cybersecurity workflows, it has the potential to make security stronger than ever before and shift the balance back to the defender.

Sec-Gemini v1 combines Gemini's advanced capabilities with near real-time cybersecurity knowledge and tools to deliver cutting-edge reasoning capabilities and the broadest range of up-to-date cybersecurity knowledge, enabling superior performance in key cybersecurity workflows, including incident root cause analysis, threat analysis, and understanding the impact of vulnerabilities.

According to Google, Sec-Gemini v1 has outperformed other models in cybersecurity benchmarks as a result of highly integrating Google's major data sources. Below is a graph comparing the results of the major threat intelligence benchmark 'CTI-MCQ' with 'Sec-Gemini v1', 'OpenAI o1', 'GPT-4o', 'Claude 3.5 Sonnet', 'OpenAI o3-mini', 'DeepSeek V3' and 'Mistral Large'. Compared to other models, Sec-Gemini v1 is shown to be more than 11% better.

Below are the results of the Cybersecurity Threat Intelligence and Root Cause Mapping Benchmark 'CTI-RCM,' which evaluates the ability of LLMs to understand the nuances of vulnerability descriptions, identify the underlying vulnerabilities, and accurately classify them. Google reports that Sec-Gemini v1 also performed 10.5% better than other models in the CTI-RCM.

The image below shows the results of asking Sec-Gemini v1 about a group called '

Salt Typhoon ,' believed to be run by the Chinese Ministry of State Security and engaged in large-scale cyber espionage against the United States. After identifying Salt Typhoon as a threat actor, Sec-Gemini v1 outputs a comprehensive description of the threat actor, details of the vulnerabilities it is exploiting, as well as vulnerability context for the threat actor. This allows analysts to more quickly understand the risk and threat profile associated with a given vulnerability.

Google said, 'We believe that to successfully push the frontier of AI cybersecurity and give defenders a decisive advantage, strong collaboration across the cybersecurity community is necessary.' Therefore, Sec-Gemini v1 will be made available free of charge to certain organizations, institutions, experts and NGOs for research purposes, in the hopes of strengthening collaboration and improving overall defense technology.