According to the search giant, Google's AI agent "Big Sleep," which was introduced last year to look for unidentified security flaws, has discovered plenty of them. The SQLite vulnerability CVE-2025-6965, which was already being used by hostile actors, was the most recent discovery it made.
According to Google, this is the first instance of an AI agent explicitly stepping in to halt an attack that was being used in the field. Google added that Big Sleep has also been deployed to attempt to boost the security of widely used open-source projects. Those battling threat actors now have another weapon in their toolbox thanks to the move to Big Sleep for proactive vulnerability prediction.
Google revealed several new AI capabilities it has been working on to strengthen defenses, in addition to some of Big Sleep's most recent accomplishments. Among these is Timesketch, an open-source digital forensics tool that Sec-Gemini is enhancing with agentic features. To expedite incident response, this technology will be able to automate preliminary forensic investigations.
Additionally, Google declared that in August, it will showcase FACADE (Fast and Accurate Contextual Anomaly Detection) at Black Hat. Since 2018, Google has used this internal tool to analyze billions of security events every day and find internal dangers without relying on attack history.
Google announced today that it is contributing data from its Secure AI Framework (SAIF) to help the Coalition for Secure AI (CoSAI), which it assists in establishing, accomplish its work more quickly. CoSAI's efforts in software supply chain security, cyber defense, and agentic AI will be aided by this grant.
At DEF CON 33 next month, Google will also reveal the AI Cyber Challenge winners with DARPA. Major open-source projects can be secured by using the new AI technologies that the competitors will demonstrate.