Google Security Operations Q3, 2023 Feature Roundup

ahnna
Staff

The “Google on SecOps” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on November 7th, 2023 by Ahnna Schini & Kristen Cooper. Going forward, all Google Security Operations (formerly known as Chronicle Security Operations) blogs will be published here. 

Google Security Operations is coming off a pivotal third quarter. Not only did we announce a unified approach to threat detection, investigation, and response (TDIR), but we also continued to enhance everyday functionality. Dive into the top features below to see how Google Security Operations is adding value to customers’ day-to-day operations while also reducing legacy SIEM headaches.

Unified Security Operations Experience

Say goodbye to console switching. Our new consolidated experience for Google Security Operations streamlines the TDIR experience so you can easily access relevant context and pivot between alerts, cases, investigation, and playbooks.

Integration with Mandiant Attack Surface Management

Continuously identify and validate exploitable entry points into your organization with the new Mandiant Attack Surface Management integration. 

Enrich Events with Applied Threat Intelligence

Automatically enrich and contextualize every event with the latest, market-leading threat intelligence from Google Cloud, Mandiant, and VirusTotal, to help eliminate blind spots and ultimately detect more threats.

AI-powered Productivity

With Gemini, you can now enter questions in natural language and Google Security Operations will generate the query from your statement, present a fully mapped syntax for search, and make it possible for you to quickly refine and iterate on results. 

You can also leverage Gemini to automatically get a clear summary of what’s happening in cases, along with context and guidance on important threats and recommendations for how to respond.

Expert Help from Mandiant Threat Hunters

Close the skills gap and gain elite-level support without the burden of hiring, tooling, and training. With Mandiant Hunt, you can now have Mandiant experts continuously hunt for threats in your environment. 

Self-service Parser Management

Gain full control over how your logs are normalized. With new self-service parser management, you can now easily create and customize parsers. 

Power More Complete Data Analytics

Level up data exploration, advanced analytics, dashboarding, and reporting of your UDM events data with the new BigQuery UDM events table.

Intelligent Query Creation

Expand exploration across the product with new UDM search capabilities, including reverse lookup against UDM fields and suggested starting points from history, saved searches, and shared searches.

Expanded Regional Support

Meet long-term compliance and jurisdictional requirements with expanded regional support in Israel (Tel Aviv). 

Interested in seeing more? Schedule a demo today to see how you can leverage these new features.
