Cloud Next 2026: Agentic AI Defence with Google Cloud
On this page
Three years ago, handing off access between cybercriminals took eight hours. Today, according to Google Cloud’s M-Trends 2026 research, that handoff takes 22 seconds. The attackers automated. The defenders are now being forced to answer in kind.
That compression — eight hours to 22 seconds — is why Google’s announcements at Cloud Next 2026 this week land differently than the usual conference product parade. This wasn’t a roadmap. It was a response. AI-powered offence arrived. Agentic AI defence is the answer Google is shipping.
But here’s what the security headlines are burying: the more consequential announcement for anyone in the agentic AI space isn’t the new threat-hunting agents. It’s the platform those agents run on — and what it means for every organisation trying to move from ‘we built an agent’ to ‘we operate a hundred of them safely.‘
What Google Actually Announced at Cloud Next 2026
Google Cloud CEO Thomas Kurian opened his keynote with a line worth noting: “Today, that future is in-production — the Agentic Enterprise is real — and deployed at a scale the world has never before seen.” This wasn’t aspiration. Google’s own first-party models now process more than 16 billion units of text per minute (up from 10 billion the previous quarter), according to Cyber Magazine’s coverage. Nearly 75% of Google Cloud customers are now using AI products, per CEO Thomas Kurian’s keynote.
The concrete announcements break into three buckets. First, the security agents: a Threat Hunting agent (now in preview) that proactively identifies novel attack patterns, a Detection Engineering agent (also in preview) that finds gaps in security coverage and writes new detections automatically, and a Third-Party Context agent (coming soon) that pulls in intelligence from external sources. All three live inside Google Security Operations.
Second, the platform: the Gemini Enterprise Agent Platform, which — as Forrester’s analysts noted — collapses Vertex AI Agent Builder, Agentspace, the Agent Development Kit, standalone observability tools, the model registry, and several other agent-adjacent products into a single surface for building, securing, running, governing, and watching agents. Third, the Wiz integration: following Google’s acquisition, the new Wiz AI Application Protection Platform offers coverage from code to cloud to runtime across multicloud and hybrid environments.
Why Agent Governance Is the Real Story Here
Sundar Pichai said something at the keynote that deserves more attention than it got: “The conversation has gone from ‘Can we build an agent?’ to ‘How do we manage thousands of them?’” That shift is everything. The hard problem in agentic AI right now isn’t building agents — it’s running them at scale without losing track of what they’re doing, who authorised them, and what they can touch.
The Gemini Enterprise Agent Platform is Google’s answer to that problem. The components matter: Agent Identity gives every agent a unique cryptographic ID with auditable authorisation policies (this part is already generally available — everything else remains in preview, per Forrester). An Agent Gateway enforces policies centrally across every agent interaction, including protection against a specific class of attack where bad actors try to hijack an agent by feeding it malicious instructions — something the technology press calls “prompt injection” but which is better understood as an agent being tricked into doing something it shouldn’t.
The platform also includes over 200 models in its model library — including third-party options like Anthropic’s Claude — and the Agent-to-Agent (A2A) communication protocol hit version 1.0, now running in production at 150 organisations according to The Next Web’s coverage. That last number is small but meaningful: it’s the first sign that multi-agent systems are moving from demos to deployments.
The 22-Second Problem Is Now Your Agent Problem Too
Here’s the thing most coverage is missing: the security agents Google announced aren’t just useful for enterprise security teams. They’re a signal about where the entire agent ecosystem is heading. The reason threat actors can hand off access in 22 seconds is that they’ve automated coordination between agents. The reason Google’s security agents can respond at that speed is the same: autonomous coordination, persistent memory, and the ability to act without waiting for a human to review each step.
That capability cuts both ways. The same architecture that lets a Detection Engineering agent identify coverage gaps and write new detections automatically is what will eventually let a personal AI agent manage your calendar, triage your inbox, and follow up on proposals — all without you touching it. The infrastructure Google is building for enterprise security defence is the same infrastructure that powers every AI agent at every scale. When Google ships governance tooling for agents operating at the speed of 16 billion text units per minute, that technical foundation matters for the whole category.
The Gemini Enterprise platform achieved 40% growth in paid monthly active users in Q1 alone. Alphabet has committed more than $175 billion in capital expenditure for 2026 to underpin this infrastructure, according to Forrester. When infrastructure investment at that scale is being pointed at agentic AI, the underlying capability — speed, reliability, governance — flows through to every agent running on top of it. That includes the kind discussed at length over on our AI agent platform guide.
We’ve covered the broader landscape of agentic AI companies building in 2026 — and Google’s Cloud Next announcements reinforce a pattern we’ve been watching: governance is now table stakes. The companies that get this right are separating from the field.
What to Do With This Information
Beacon’s shining a light on the AI agents quietly transforming how we defend, detect, and respond — Google Cloud just made the future a little harder to ignore.
- If you’re evaluating AI agent platforms: Ask your shortlist vendors specifically about agent identity and policy enforcement. Google just made these table stakes. Any platform that can’t tell you how it audits agent actions is a year behind. The question isn’t ‘can you build agents?’ — it’s ‘can you govern them?’
- If you’re already running AI agents: The A2A protocol v1.0 reaching production status matters for multi-agent setups. If you’re running agents that need to coordinate with each other, watch how quickly Google’s ecosystem adopts A2A. It becoming a standard is worth tracking.
- If you’re in security operations: The Threat Hunting and Detection Engineering agents are in preview now. Both warrant a close look if your team is stretched across a large attack surface. The Detection Engineering agent writing its own detections for emerging threats is the operationally significant one — that’s hours of analyst time per week.
- If you’re building on Google Cloud: Most of the Gemini Enterprise Agent Platform is still in preview. Agent Identity is GA. Start there if you need something in production — and plan your architecture around the full platform coming to GA over the next few quarters.
What Cloud Next 2026 Signals for the Agent Era
- Google announced three new AI security agents at Cloud Next 2026: Threat Hunting and Detection Engineering (both in preview), and Third-Party Context (coming soon) — all running inside Google Security Operations.
- The Gemini Enterprise Agent Platform consolidates Google’s entire agent toolchain into one governance surface, with Agent Identity (cryptographic IDs for every agent) as the only GA component so far.
- Cyberattack coordination time has dropped from 8 hours to 22 seconds over three years, per Google’s M-Trends 2026 research — the direct reason Google is betting on autonomous defence agents.
- The Agent-to-Agent (A2A) protocol hit v1.0 and is running in production at 150 organisations, signalling that multi-agent coordination is moving from experimental to operational.
- Alphabet’s planned $175 billion-plus in capital expenditure for 2026 is being pointed squarely at agentic AI infrastructure — the scale of that bet is worth tracking regardless of which platform you’re building on.
- Governance — agent identity, policy enforcement, observability — is now the primary challenge in enterprise AI deployments, not model capability. The question Sundar Pichai named: ‘How do we manage thousands of agents?’ is the question every serious deployment is now facing.
The organisations that figure out agent governance first don’t just run agents better — they compound. Every well-governed agent deployment makes the next one faster to authorise, easier to audit, and simpler to scale. The ones still debating whether to pilot agents are paying a different kind of tax: every quarter they wait, the governance gap widens. Google just published their answer to the management problem. The interesting question now is who else follows.
