Skip to main content

Fueling AI Innovation in SecOps Products: The SecLM Platform and Sec-Gemini Research Pipeline

  • June 12, 2025
  • 1 reply
  • 1154 views
DrScott
Staff
Forum|alt.badge.img

Fueling AI Innovation in SecOps Products:
The SecLM Platform and Sec-Gemini Research Pipeline

In cybersecurity, relentless innovation is key to staying ahead of adversaries. To meet this challenge at Google Cloud, we've developed SecLM, a platform that brings together best-in-class Gemini models, advanced AI infrastructure, and our deep security knowledge base to power AI features in Google’s Security Products, including Google Security Operations (SecOps) and Google Threat Intelligence. SecLM enables a suite of capabilities that assist customers in reducing toil, enhancing the effectiveness of their security experts, and ultimately, strengthening their defenses against evolving threats.

But how do we ensure SecLM maintains its advantage against the threats that matter most to our customers? This is where Sec-Gemini comes in as a dedicated research and innovation initiative bringing together cutting-edge capabilities from across Google, including Cloud and DeepMind.

Sec-Gemini: The Innovation Engine

Think of Sec-Gemini as an advanced research environment—a place where new ideas are developed and the future of security AI is explored. As detailed in the initial announcement, Sec-Gemini is an experimental AI platform focused on advancing cybersecurity AI frontiers. It combines Gemini's advanced capabilities with near real-time cybersecurity knowledge and advanced tooling. Sec-Gemini is an incubator  for novel techniques and capabilities that could redefine cyber defense. For example, Sec-Gemini has demonstrated superior performance in key tasks from CTIBench and other cybersecurity-focused benchmarks, outperforming other state-of-the-art models by as much as 11 percentage points.

From Research Insight to Customer Impact

SecLM and Sec-Gemini operate in a powerful symbiotic relationship. Sec-Gemini acts as a "feeder system," generating breakthrough concepts through innovative research collaborations. The most promising of these are then meticulously translated, hardened, and integrated into the SecLM platform for our commercial offerings.

This two-system approach is designed to deliver innovation safely and reliably:

  • Rapid Innovation: Sec-Gemini allows us to experiment with aggressive, cutting-edge techniques alongside our collaborative research partners without introducing any risk or instability to your production security tools.
  • Production Excellence: Integration of proven advancements within SecLM keeps your SecOps suite ahead of the most advanced threats, but also provides a stable, reliable, and optimized platform for real-world enterprise security demands.

Innovation in Action: Advanced RAG Enhances SecLM

A key aspect of our innovation strategy  involves leveraging insights from Sec-Gemini's research to boost SecLM's performance. This includes the refinement of Retrieval-Augmented Generation (RAG) technologies and the integration of specialized data for grounding. These elements, born from Sec-Gemini's research, directly benefit how SecLM processes information and assists users, allowing for more accurate and context-aware responses.

The results? SecLM recently achieved an impressive 88.5% on the general cybersecurity knowledge benchmark (CTI-MCQ) — 2 points ahead of the initial Sec-Gemini announcement and nearly 14 percentage points above the next leading foundation model. In the root cause mapping assessment (CTI-RCM), SecLM scored 84.6%, just 1.5 points shy of Sec-Gemini and 9 percentage points above the next best model.

Most importantly, Google SecOps customers now benefit from this innovation in their production workloads, leading to better answers to a wider variety of complex security questions!

Customer-Centric Innovation

Our primary mission remains fixed on improving your experience and real-world security outcomes. This customer-centric drive focuses innovations on tangible improvements to your daily operations, such as the development of advanced security agents within the SecLM platform. Sec-Gemini is crucial for the foundational research behind such sophisticated capabilities. These cutting-edge learnings are continually integrated into Google SecOps and Google Threat Intelligence via SecLM, ensuring our security agents and the entire platform empower your defenders with AI capabilities at the forefront of cybersecurity—all driven by our pioneering research fueling a production-grade platform.

    1 reply

    ovia_inc
    Forum|alt.badge.img
    • ovia_inc
    • New Member
    • January 8, 2026

    Good work

     

    https://oviainc.github.io/thewebsite/

    Terms & ConditionsCookie settingsAccessibility statement
    Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

    © 2025 Google. All rights reserved.