The “Google on SecOps” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on November 7th, 2023 by Ahnna Schini & Kristen Cooper. Going forward, all Google Security Operations (formerly known as Chronicle Security Operations) blogs will be published here.
Google Security Operations is coming off a pivotal third quarter. Not only did we announce a unified approach to TDIR, but we also continued to make enhancements to everyday functionality. Dive into the top features below to see how Google Security Operations is adding value to customers’ day-to-day operations while also reducing legacy SIEM headaches.
Say goodbye to console switching. Our new consolidated experience for Google Security Operations streamlines the TDIR experience so you can easily access relevant context and pivot between alerts, cases, investigation, and playbooks.
Continuously identify and validate exploitable entry points into your organization with the new Mandiant Attack Surface Management integration.
Automatically enrich and contextualize every event with the latest, market-leading threat intelligence from Google Cloud, Mandiant, and VirusTotal, to help eliminate blind spots and ultimately detect more threats.
With Gemini, you can now enter questions in natural language and Google Security Operations will generate the query from your statement, present a fully mapped syntax for search, and make it possible for you to quickly refine and iterate on results.
You can also leverage Gemini to automatically get a clear summary of what’s happening in cases, receive context and guidance on important threats, and get recommendations for how to respond.
Close the skills gap and gain elite-level support without the burden of hiring, tooling, and training. With Mandiant Hunt, you can now have Mandiant experts continuously hunt for threats in your environment.
Gain full control over how your logs are normalized. With new self-service parser management, you can now easily create and customize parsers.
Level up data exploration, advanced analytics, dashboarding and reporting of your UDM events data with the new BigQuery UDM events table.
Expand exploration across the product with new UDM search capabilities including reverse-lookup against UDM fields and suggested starting points from history, saved searches, and shared search.
Meet long-term compliance and jurisdictional requirements with expanded regional support in Israel (Tel Aviv).
Interested in seeing more? Schedule a demo today to see how you can leverage these new features.