M-Trends 2026 Report

M-Trends 2026 Report: Real-world investigations and actionable defense insights

A definitive look into the threats and tactics used in breaches, grounded in over 500k hours of incident investigations in 2025 by Mandiant.

Get your copy now.

First name

Last name

Business email

Calling Code

Business phone

Job title

Company name

Sign me up to receive news, product updates, event information, and special offers about Google Cloud from Google.

I understand my personal data will be processed in accordance with Google's Privacy Policy.

Why this report is essential

In a landscape where the window to intervene has collapsed from hours to seconds, security leaders can no longer rely on reactive strategies. M-Trends 2026 provides the frontline intelligence needed to address both emerging AI-driven threats and the persistent systemic failures that still account for the vast majority of breaches. Move beyond passive defense with actionable guidance on securing unmonitored Tier-0 assets, virtualization stacks, and SaaS integrations.

Download the M-Trends 2026 Report to uncover:

How the timeline for accelerated ransomware handoffs between cybercriminal partners has collapsed to just seconds.
How attackers are abusing AI within compromised environments.
Why modern extortion campaigns have shifted away from simple encryption toward aggressive “Recovery Denial” tactics.
Why multi-year espionage intrusions are forcing organizations to drastically rethink their forensics and telemetry retention strategies.
How threat actors target the virtualization stack to bypass guest-level defenses and embed deep persistence.
The systematic methods attackers use to exploit edge devices and network appliances before patches are even released.
The mechanics of SaaS integration abuse, which adversaries are leveraging for massive data theft and cross-cloud lateral movement.

As threat actors refine their techniques, Mandiant continues to offer the critical, actionable insights needed to move beyond passive defense to active resilience.

Threat IntelSecOpsCloud securityConsultingSecurity resources

Accelerate your digital transformation
Whether your business is early in its journey or well on its way to digital transformation, Google Cloud can help solve your toughest challenges.
Learn more

Industry Solutions
Reduce cost, increase operational agility, and capture new market opportunities.

Retail
Analytics and collaboration tools for the retail value chain.

Consumer Packaged Goods
Solutions for CPG digital transformation and brand growth.

Financial Services
Computing, data management, and analytics tools for financial services.

Healthcare and Life Sciences
Advance research at scale and empower healthcare innovation.

Media and Entertainment
Solutions for content production and distribution operations.

Telecommunications
Hybrid and multi-cloud services to deploy and monetize 5G.

Games
AI-driven solutions to build and scale games faster.

Manufacturing
Migration and AI tools to optimize the manufacturing value chain.

Supply Chain and Logistics
Enable sustainable, efficient, and resilient data-driven operations across supply chain and logistics operations.

Government
Data storage, AI, and analytics solutions for government agencies.

Education
Teaching tools to provide more engaging learning experiences.

Not seeing what you're looking for?
See all industry solutions

Application Modernization
Assess, plan, implement, and measure software practices and capabilities to modernize and simplify your organization’s business application portfolios.

CAMP
Program that uses DORA to improve your software delivery capabilities.

Modernize Traditional Applications
Analyze, categorize, and get started with cloud migration on traditional workloads.

Migrate from PaaS: Cloud Foundry, Openshift
Tools for moving your existing containers into Google's managed container services.

Migrate from Mainframe
Automated tools and prescriptive guidance for moving your mainframe apps to the cloud.

Modernize Software Delivery
Software supply chain best practices - innerloop productivity, CI/CD and S3C.

DevOps Best Practices
Processes and resources for implementing DevOps in your org.

SRE Principles
Tools and resources for adopting SRE in your org.

Platform Engineering
Comprehensive suite of managed services and Golden Paths to build, manage, and scale IDPs.

Run Applications at the Edge
Guidance for localized and low latency apps on Google’s hardware agnostic edge solution.

Architect for Multicloud
Manage workloads across multiple clouds with a consistent platform.

Go Serverless
Fully managed environment for developing, deploying and scaling apps.

Artificial Intelligence
Add intelligence and efficiency to your business with AI and machine learning.

Customer Engagement Suite with Google AI
End-to-end application that combines our most advanced conversational AI.

Document AI
Document processing and data capture automated at scale.

Vertex AI Search for commerce
Google-quality search and product recommendations for retailers.

Google Cloud with Gemini
AI assistants for application development, coding, and more.

Generative AI on Google Cloud
Transform content creation and discovery, research, customer service, and developer efficiency with the power of generative AI.

APIs and Applications
Speed up the pace of innovation without coding, using APIs, apps, and automation.

New Business Channels Using APIs
Attract and empower an ecosystem of developers and partners.

Unlocking Legacy Applications Using APIs
Cloud services for extending and modernizing legacy apps.

Open Banking APIx
Simplify and accelerate secure delivery of open banking compliant APIs.

Data Analytics
Generate instant insights from data at any scale with a serverless, fully managed analytics platform that significantly simplifies analytics.

Data Migration
Migrate and modernize your data warehouse and data lakes with AI-powered migration services.

Data Lakehouse
Unify and govern your multimodal data with a high-performance and open data lakehouse.

Real-time Analytics
Insights from ingesting, processing, and analyzing event streams.

Marketing Analytics
Solutions for collecting, analyzing, and activating customer data.

Datasets
Data from Google, public, and commercial providers to enrich your analytics and AI initiatives.

Business Intelligence
Solutions for modernizing your BI stack and creating rich data experiences.

AI for Data Analytics
Write SQL, build predictive models, and visualize data with AI for data analytics.

Geospatial Analytics
A comprehensive platform to solve for geospatial use cases at scale.

Databases
Migrate and manage enterprise data with security, reliability, high availability, and fully managed data services.

Database Migration
Guides and tools to simplify your database migration life cycle.

Database Modernization
Upgrades to modernize your operational database infrastructure.

Databases for Games
Build global, live games with Google Cloud databases.

Google Cloud Databases
Database services to migrate, manage, and modernize data.

Migrate Oracle workloads to Google Cloud
Rehost, replatform, rewrite your Oracle workloads.

Open Source Databases
Fully managed open source databases with enterprise-grade support.

SQL Server on Google Cloud
Options for running SQL Server virtual machines on Google Cloud.

Gemini for Databases
Supercharge database development and management with AI.

Infrastructure Modernization
Migrate quickly with solutions for SAP, VMware, Windows, Oracle, and other workloads.

Application Migration
Discovery and analysis tools for moving to the cloud.

SAP on Google Cloud
Certifications for running SAP applications and SAP HANA.

High Performance Computing
Compute, storage, and networking options to support any workload.

Windows on Google Cloud
Tools and partners for running Windows workloads.

Data Center Migration
Migration solutions for VMs, apps, databases, and more.

Active Assist
Automatic cloud resource optimization and increased security.

Virtual Desktops
Remote work solutions for desktops and applications (VDI & DaaS).

Rapid Migration and Modernization Program
End-to-end migration program to simplify your path to the cloud.

Backup and Disaster Recovery
Ensure your business continuity needs are met.

Red Hat on Google Cloud
Google and Red Hat provide an enterprise-grade platform for traditional on-prem and custom applications.

Cross-Cloud Network
Simplify hybrid and multicloud networking, and secure your workloads, data, and users.

Observability
Monitor, troubleshoot, and improve app performance with end-to-end visibility.

Productivity and Collaboration
Change the way teams work with solutions designed for humans and built for impact.

Google Workspace
Collaboration and productivity tools for enterprises.

Google Workspace Essentials
Secure video meetings and modern collaboration for teams.

Cloud Identity
Unified platform for IT admins to manage user devices and apps.

Chrome Enterprise
ChromeOS, Chrome Browser, and Chrome devices built for business.

Security
Detect, investigate, and respond to online threats to help protect your business.

Agentic SOC
Delivering better security outcomes with AI agents.

Web App and API Protection
Threat and fraud protection for your web applications and APIs.

Security and Resilience Framework
Solutions for each phase of the security and resilience life cycle.

Risk and compliance as code (RCaC)
Solution to modernize your governance, risk, and compliance function with automation.

Software Supply Chain Security
Solution for improving end-to-end software supply chain security.

Security Foundation
Recommended products to help achieve a strong security posture.

Google Cloud Cybershield™
Strengthen nationwide cyber defense.

Startups and SMB
Accelerate startup and SMB growth with tailored solutions and programs.

Startup Program
Get financial, business, and technical support to take your startup to the next level.

Small and Medium Business
Explore solutions for web hosting, app development, AI, and analytics.

Software as a Service
Build better SaaS products, scale efficiently, and grow your business.

Featured Products

Compute Engine
Virtual machines running in Google’s data center.

Cloud Storage
Object storage that’s secure, durable, and scalable.

BigQuery
Autonomous data to AI platform for analytics and data science.

Cloud Run
Fully managed environment for running containerized apps.

Google Kubernetes Engine
Managed environment for running containerized apps.

Vertex AI
Unified platform for ML models and generative AI.

Looker
Platform for BI, data applications, and embedded analytics.

Apigee API Management
Manage the full life cycle of APIs anywhere with visibility and control.

Cloud SQL
Relational database services for MySQL, PostgreSQL and SQL Server.

Gemini Enterprise
Secure platform to discover, create, run, and govern AI agents.

Cloud CDN
Content delivery network for delivering web and video.

Not seeing what you're looking for?
See all products (100+)

AI and Machine Learning

Vertex AI Platform
Unified platform for ML models and generative AI.

Vertex AI Studio
Build, tune, and deploy foundation models on Vertex AI.

Vertex AI Agent Builder
Build and deploy gen AI experiences.

Conversational Agents
Build conversational AI with both deterministic and gen AI functionality.

Vertex AI Search
Build Google-quality search for your enterprise apps and experiences.

Speech-to-Text
Speech recognition and transcription across 125 languages.

Text-to-Speech
Speech synthesis in 220+ voices and 40+ languages.

Translation AI
Language detection, translation, and glossary support.

Gemini Enterprise
Secure platform to discover, create, run, and govern AI agents.

Vision AI
Custom and pre-trained models to detect emotion, text, and more.

Contact Center as a Service
Omnichannel contact center solution that is native to the cloud.

Not seeing what you're looking for?
See all AI and machine learning products

Business Intelligence

Looker
Platform for BI, data applications, and embedded analytics.

Looker Studio
Interactive data suite for dashboarding, reporting, and analytics.

Compute

Compute Engine
Virtual machines running in Google’s data center.

App Engine
Serverless application platform for apps and back ends.

Cloud GPUs
GPUs for ML, scientific computing, and 3D visualization.

Migrate to Virtual Machines
Server and virtual machine migration to Compute Engine.

Spot VMs
Compute instances for batch jobs and fault-tolerant workloads.

Batch
Fully managed service for scheduling batch jobs.

Sole-Tenant Nodes
Dedicated hardware for compliance, licensing, and management.

Bare Metal
Infrastructure to run specialized workloads on Google Cloud.

Recommender
Usage recommendations for Google Cloud products and services.

VMware Engine
Fully managed, native VMware Cloud Foundation software stack.

Cloud Run
Fully managed environment for running containerized apps.

Not seeing what you're looking for?
See all compute products

Containers

Google Kubernetes Engine
Managed environment for running containerized apps.

Cloud Run
Fully managed environment for running containerized apps.

Cloud Build
Solution for running build steps in a Docker container.

Artifact Registry
Package manager for build artifacts and dependencies.

Cloud Code
IDE support to write, run, and debug Kubernetes applications.

Cloud Deploy
Fully managed continuous delivery to GKE and Cloud Run.

Migrate to Containers
Components for migrating VMs into system containers on GKE.

Deep Learning Containers
Containers with data science frameworks, libraries, and tools.

Knative
Components to create Kubernetes-native cloud-based software.

Data Analytics

BigQuery
Autonomous data to AI platform for analytics and data science.

Looker
Platform for BI, data applications, and embedded analytics.

Dataflow
Real-time analytics for stream and batch processing.

Pub/Sub
Messaging service for event ingestion and delivery.

Dataproc
Managed service for running Apache Spark and Apache Hadoop clusters.

Google Cloud Serverless for Apache Spark
Quick VM startup and dynamic autoscaling for Spark workloads.

Cloud Composer
Workflow orchestration service built on Apache Airflow.

BigLake
Storage engine for building data lakehouses with Apache Iceberg.

Dataplex Universal Catalog
A unified data-to-AI governance fabric for all Google Cloud services.

BigQuery Migration Services
Free-to-use, cloud-native and AI-powered data migration services.

Managed Service for Apache Kafka
Managed Kafka service to operate highly available Apache Kafka clusters.

Not seeing what you're looking for?
See all data analytics products

Databases

AlloyDB for PostgreSQL
Fully managed, PostgreSQL-compatible database for enterprise workloads.

Cloud SQL
Fully managed database for MySQL, PostgreSQL, and SQL Server.

Firestore
Highly scalable and serverless NoSQL document database, with MongoDB compatibility.

Spanner
Cloud-native relational database with unlimited scale and 99.999% availability.

Bigtable
Cloud-native wide-column database for large-scale, low-latency workloads.

Datastream
Serverless change data capture and replication service.

Database Migration Service
Serverless, minimal downtime migrations to Cloud SQL.

Bare Metal Solution
Fully managed infrastructure for your Oracle workloads.

Memorystore
Fully managed Redis and Memcached for sub-millisecond data access.

Developer Tools

Artifact Registry
Universal package manager for build artifacts and dependencies.

Cloud Code
IDE support to write, run, and debug Kubernetes applications.

Cloud Build
Continuous integration and continuous delivery platform.

Cloud Deploy
Fully managed continuous delivery to GKE and Cloud Run.

Cloud Deployment Manager
Service for creating and managing Google Cloud resources.

Cloud SDK
Command-line tools and libraries for Google Cloud.

Cloud Scheduler
Cron job scheduler for task automation and management.

Cloud Source Repositories
Private Git repository to store, manage, and track code.

Infrastructure Manager
Automate infrastructure management with Terraform.

Cloud Workstations
Managed and secure development environments in the cloud.

Gemini Code Assist
AI-powered assistant available across Google Cloud and your IDE.

Not seeing what you're looking for?
See all developer tools

Distributed Cloud

Google Distributed Cloud Connected
Distributed cloud services for edge workloads.

Google Distributed Cloud Air-gapped
Distributed cloud for air-gapped workloads.

Hybrid and Multicloud

Google Kubernetes Engine
Managed environment for running containerized apps.

Apigee API Management
API management, development, and security platform.

Migrate to Containers
Tool to move workloads and existing applications to GKE.

Cloud Build
Service for executing builds on Google Cloud infrastructure.

Observability
Monitoring, logging, and application performance suite.

Cloud Service Mesh
Fully managed service mesh based on Envoy and Istio.

Google Distributed Cloud
Fully managed solutions for the edge and data centers.

Industry Specific

Anti Money Laundering AI
Detect suspicious, potential money laundering activity with AI.

Cloud Healthcare API
Solution for bridging existing care systems and apps on Google Cloud.

Device Connect for Fitbit
Gain a 360-degree patient view with connected Fitbit data on Google Cloud.

Telecom Network Automation
Ready to use cloud-native automation for telecom networks.

Telecom Data Fabric
Telecom data management and analytics with an automated approach.

Telecom Subscriber Insights
Ingests data to improve subscriber acquisition and retention.

Spectrum Access System (SAS)
Controls fundamental access to the Citizens Broadband Radio Service (CBRS).

Integration Services

Application Integration
Connect to 3rd party apps and enable data consistency without code.

Workflows
Workflow orchestration for serverless products and API services.

Apigee API Management
Manage the full life cycle of APIs anywhere with visibility and control.

Cloud Tasks
Task management service for asynchronous task execution.

Cloud Scheduler
Cron job scheduler for task automation and management.

Dataproc
Service for running Apache Spark and Apache Hadoop clusters.

Cloud Data Fusion
Data integration for building and managing data pipelines.

Cloud Composer
Workflow orchestration service built on Apache Airflow.

Pub/Sub
Messaging service for event ingestion and delivery.

Eventarc
Build an event-driven architecture that can connect any service.

Management Tools

Cloud Shell
Interactive shell environment with a built-in command line.

Cloud console
Web-based interface for managing and monitoring cloud apps.

Cloud Endpoints
Deployment and development management for APIs on Google Cloud.

Cloud IAM
Permissions management system for Google Cloud resources.

Cloud APIs
Programmatic interfaces for Google Cloud services.

Service Catalog
Service catalog for admins managing internal enterprise solutions.

Cost Management
Tools for monitoring, controlling, and optimizing your costs.

Observability
Monitoring, logging, and application performance suite.

Carbon Footprint
Dashboard to view and export Google Cloud carbon emissions reports.

Config Connector
Kubernetes add-on for managing Google Cloud resources.

Active Assist
Tools for easily managing performance, security, and cost.

Not seeing what you're looking for?
See all management tools

Maps and Geospatial

Earth Engine
Geospatial platform for Earth observation data and analysis.

Google Maps Platform
Create immersive location experiences and improve business operations.

Media Services

Cloud CDN
Content delivery network for serving web and video content.

Live Stream API
Service to convert live video and package for streaming.

OpenCue
Open source render manager for visual effects and animation.

Transcoder API
Convert video files and package them for optimized delivery.

Video Stitcher API
Service for dynamic or server side ad insertion.

Migration

Migration Center
Unified platform for migrating and modernizing with Google Cloud.

Application Migration
App migration to the cloud for low-cost refresh cycles.

Migrate to Virtual Machines
Components for migrating VMs and physical servers to Compute Engine.

Cloud Foundation Toolkit
Reference templates for Deployment Manager and Terraform.

Database Migration Service
Serverless, minimal downtime migrations to Cloud SQL.

Migrate to Containers
Components for migrating VMs into system containers on GKE.

BigQuery Migration Services
Streamlined data warehouse and data lake migration tooling and incentives.

Rapid Migration and Modernization Program
End-to-end migration program to simplify your path to the cloud.

Transfer Appliance
Storage server for moving large volumes of data to Google Cloud.

Storage Transfer Service
Data transfers from online and on-premises sources to Cloud Storage.

VMware Engine
Migrate and run your VMware workloads natively on Google Cloud.

Mixed Reality

Immersive Stream for XR
Hosts, renders, and streams 3D and XR experiences.

Networking

Cloud Armor
Security policies and defense against web and DDoS attacks.

Cloud CDN and Media CDN
Content delivery network for serving web and video content.

Cloud DNS
Domain name system for reliable and low-latency name lookups.

Cloud Load Balancing
Service for distributing traffic across applications and regions.

Cloud NAT
NAT service for giving private instances internet access.

Cloud Connectivity
Connectivity options for VPN, peering, and enterprise needs.

Network Connectivity Center
Connectivity management to help simplify and scale networks.

Network Intelligence Center
Network monitoring, verification, and optimization platform.

Network Service Tiers
Cloud network options based on performance, availability, and cost.

Virtual Private Cloud
Single VPC for an entire organization, isolated within projects.

Private Service Connect
Secure connection between your VPC and services.

Not seeing what you're looking for?
See all networking products

Operations

Cloud Logging
Google Cloud audit, platform, and application logs management.

Cloud Monitoring
Infrastructure and application health with rich metrics.

Error Reporting
Application error identification and analysis.

Managed Service for Prometheus
Fully-managed Prometheus on Google Cloud.

Cloud Trace
Tracing system collecting latency data from applications.

Cloud Profiler
CPU and heap profiler for analyzing application performance.

Cloud Quotas
Manage quotas for all Google Cloud services.

Productivity and Collaboration

AppSheet
No-code development platform to build and extend applications.

Gemini Enterprise
Secure platform to discover, create, run, and govern AI agents.

Google Workspace
Collaboration and productivity tools for individuals and organizations.

Google Workspace Essentials
Secure video meetings and modern collaboration for teams.

Cloud Identity
Unified platform for IT admins to manage user devices and apps.

Chrome Enterprise
ChromeOS, Chrome browser, and Chrome devices built for business.

Security and Identity

Cloud IAM
Permissions management system for Google Cloud resources.

Sensitive Data Protection
Discover, classify, and protect your valuable data assets.

Mandiant Managed Defense
Find and eliminate threats with confidence 24x7.

Google Threat Intelligence
Know who’s targeting you.

Security Command Center
Platform for defending against threats to your Google Cloud assets.

Cloud Key Management
Manage encryption keys on Google Cloud.

Mandiant Incident Response
Minimize the impact of a breach.

Chrome Enterprise Premium
Get secure enterprise browsing with extensive endpoint visibility.

Assured Workloads
Compliance and security controls for sensitive workloads.

Google Security Operations
Detect, investigate, and respond to cyber threats.

Mandiant Consulting
Get expert guidance before, during, and after an incident.

Not seeing what you're looking for?
See all security and identity products

Serverless

Cloud Run
Fully managed environment for running containerized apps.

Cloud Functions
Platform for creating functions that respond to cloud events.

App Engine
Serverless application platform for apps and back ends.

Workflows
Workflow orchestration for serverless products and API services.

API Gateway
Develop, deploy, secure, and manage APIs with a fully managed gateway.

Storage

Cloud Storage
Object storage that’s secure, durable, and scalable.

Block Storage
High-performance storage for AI, analytics, databases, and enterprise applications.

Filestore
File storage that is highly scalable and secure.

Persistent Disk
Block storage for virtual machine instances running on Google Cloud.

Cloud Storage for Firebase
Object storage for storing and serving user-generated content.

Local SSD
Block storage that is locally attached for high-performance needs.

Storage Transfer Service
Data transfers from online and on-premises sources to Cloud Storage.

Google Cloud Managed Lustre
High performance managed parallel file service.

Google Cloud NetApp Volumes
File storage service for NFS, SMB, and multi-protocol environments.

Backup and DR Service
Service for centralized, application-consistent data protection.

Web3

Blockchain Node Engine
Fully managed node hosting for developing on the blockchain.

Blockchain RPC
Enterprise-grade RPC for building on the blockchain.

Save money with our transparent approach to pricing
Google Cloud's pay-as-you-go pricing offers automatic savings based on monthly usage and discounted rates for prepaid resources. Contact us today to get a quote.
Request a quote

Save money with our transparent approach to pricing
Request a quote
Pricing overview and tools
Google Cloud pricing
Pricing calculator
Google Cloud free tier
Cost optimization framework
Cost management tools
Product-specific Pricing
Compute Engine
Cloud SQL
Google Kubernetes Engine
Cloud Storage
BigQuery
See full price list with 100+ products