Google for Startups Publishes Mitigant Case Study: Validating Cloud Security Gaps up to 5X Faster with Gemini

Google for Startups has published a case study highlighting how Mitigant leverages Google Gemini to accelerate cloud security validation. As an alumnus of the Google for Startups Growth Academy: AI for Cybersecurity, Mitigant has continued to deepen its use of Google's AI technologies to push the boundaries of Adversarial Exposure Validation (AEV)for cloud-native infrastructure.

The article details Mitigant's journey from identifying the core challenge  to building an AI-powered dual-model architecture that delivers actionable insights at speed.

Key Results

• Over 60% reduction in time-to-insight for customers
• 3-5X faster vulnerability triage times compared to manual analysis
• ~3X increase in adoption of Mitigant's Cloud Attack Emulation platform

AI-Powered Architecture

Mitigant built a dual-model architecture using Gemini via Vertex AI, powering AI-driven features including Attack Report Summarization, Attack Recommendations, and Bring Your Own Role (BYOR):

• Gemini Flash powers high-volume, real-time tasks such as transforming complex technical reports into clear, actionable, and executive-friendly summaries.
• Gemini Pro handles complex analysis, including Mitigant's Attack Recommendation feature, which analyzes a customer's specific cloud security posture to suggest the most relevant attacks for offensive security testing.

A custom Retrieval-Augmented Generation (RAG) framework ensures accuracy by grounding AI outputs in verified industry standards, including authoritative frameworks of adversary tactics and techniques (MITRE ATT&CK).

Beyond the Case Study: What's Already Live

The Google for Startups case study previews several upcoming capabilities, but the vision described in the article is already a reality:

• Attack Builder is now live, enabling security teams to create custom cloud attack scenarios in seconds, without writing code, powered by the Cloud Attack Language (CAL).
• Cloud Attack Language (CAL) is a YAML-based schema for constructing multi-step, complex cloud attacks, bringing Attack-as-Code to AEV.
• Mitigant Threat Catalog is a free, interactive resource that transforms MITRE ATT&CK cloud techniques into executable CLI commands and CAL definitions that security teams can run and adapt. Read more about it in the launch blog post.

Together, these capabilities represent a shift from static security findings to dynamic, reproducible attack emulations that plug directly into detection engineering pipelines, security control validation, and incident response exercises.

Read the full case study on Google for Startups: https://startup.google.com/alumni/stories/mitigant/

‍