Google Security Operations Q2, 2023 Feature Roundup
Check out what's new in Google Security Operations with a breakdown of key features delivered by quarter.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on November 30th, 2024 and introduces Saved Searches within the UDM search interface.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on August 15th, 2023 and introduces the global threat intelligence in the entity graph that can be used in YARA-L rules: Tor exit nodes and remote access tools.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on July 27th, 2023 and is a set of examples based on user questions.
Are you maximizing the value of your Security Command Center data? Discover how BigQuery can transform SCC into a powerful security analytics engine.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on July 13th, 2023 and is a question and answer session based on user questions raised over the past few months.
Level up your Detection Engineering capabilities by implementing a modern workflow that uses free tools to automate the management of detection rules in Chronicle.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on June 22nd, 2023 and demonstrates how first and last seen can be used for rule building in YARA-L.
Check out what's new in Google Security Operations with a breakdown of key features delivered by quarter.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on June 8th, 2023 and introduces the concept of Grouped Fields within the UDM search interface.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on April 20th, 2023 and introduces prevalence in Google SecOps and how it can be applied in YARA-L rules for domains, IP addresses and file hashes.
As we continue with metrics and their functions, we move beyond network metrics and use authentication events to illustrate use with additional metric capabilities like first and last seen.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on April 13th, 2023 and continues to examine how to integrate your own threat intelligence into Google SecOps and how to output additional context from your YARA-L rule.
Level up your Detection Engineering capabilities by implementing a modern workflow that uses free tools to automate the management of detection rules in Chronicle.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on March 29th, 2023 and demonstrates how third-party threat intelligence can be ingested into Google SecOps and used when writing YARA-L rules.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on March 9th, 2023 and introduces how Safe Browsing can be used with Google SecOps to drive greater awareness around suspicious binaries.
Check out what's new in Google Security Operations with a breakdown of key features delivered by quarter.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on February 23rd, 2023 and applies the concepts of contextual awareness to rule writing using YARA-L.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on February 2nd, 2023 and introduces contextual awareness, the ability for asset and user stores to automatically associate events and entities together, and shows how these entity values can be searched.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on January 9th, 2023 and introduces additional functions around dates and numeric values that we have not covered in previous blogs.
Level up your Detection Engineering capability by implementing a modern workflow that uses free tools to automate the management of detection rules in Chronicle.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on December 14th, 2022 and introduces the network function net.ip_in_range_cidr for use in YARA-L rules to focus our rules on specific CIDR netblocks and then applies this to CIDR reference lists.
Organizations can now uncover more threats with less effort with Applied Threat Intelligence in Google Chronicle Security Operations. Our intelligence-driven security operations takes on the burden of operationalizing Google’s threat intelligence to unlock deeper threat hunting and investigation workflows, helping teams become more efficient.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on December 1st, 2022 and builds on our base64 and regular expression functions by adding reference lists to our rule.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on November 16th, 2022 and introduces the UDM search interface.
You give us two minutes, we'll give you the world of SecOps. In Part Two of our "threat hunting" episode, Google Cloud Principal Security Strategist John Stoner offers three approaches you can consider when jumping into a hunt and why having a strategy — including the day you start the hunt — matters.
You give us two minutes, we'll give you the world of SecOps. In this episode, Google Cloud Principal Security Strategist John Stoner breaks down the merits of threat hunting and shares why, depending on the maturity of your detection and response capabilities, the practice may not be right for everybody.
Building on our introduction of metrics and their functions, we look at various aggregation options and apply these to a sample detection rule to identify outlier network traffic.
The “New to Chronicle” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on November 7th, 2022 and introduces the re.replace function for use in YARA-L rules and demonstrates its use with other regex and base64 decode functions.
You give us two minutes, we'll give you the world of security operations. This episode of "Fastest Two Minutes in SecOps" boils down a very big conversation -- cloud security -- into something digestible. Google Cloud Head of Adoption Engineering Dave Herrald explains how the changing security boundaries of the cloud prompt the need for new security controls, shares how your team needs to be built, and discusses why IAM is so critical.