Hello Cloud Security Champions,
Stay up to date on all the latest with SIEM and SOAR by reading our Google SecOps Customer Newsletter! Posted every other month, this is where you can see a summary of major product updates, resources, learning, training, community spotlights, best practices, and events.
SecOps Community Spotlight
This past month we launched some exciting new things, including the Chronicle users Tips and Tricks Book! You sent us your best Chronicle SOAR tips and tricks, we turned them into a book, and the result is pretty amazing!
Thanks to all of the amazing community members who shared their brilliant ideas with us!
SecOps Community Office Hours
As your familiarity with Chronicle continues to grow, we are seeing your desire to learn more. To give you an edge and help you learn, we have decided to offer SecOps community office hours!
So, how does it work?
Can’t wait to see you there!
Chronicle SIEM Updates
New Chronicle Region
New UDM Search Capability
With this update, you’ll be able to:
Find all the details from this launch and what it means for you here.
Context-Aware Detection and Analytics Enhancements
Introducing Chronicle’s integration with Cloud DLP:
Curated Detections Enhancements
To find a comprehensive list of recent Chronicle Release Notes/Changes, go here.
Chronicle SOAR Updates
New Data Retention process starting February 1st 2023
Please note that for existing customers, the data retention period will be set to 5 years.
What does this mean for you?
What if I need a shorter retention time than the contract period?
GCP Migration Update
Updated Mandiant Threat Intel Integration
Updated Learning Portal
Chronicle Security Operations Tips and Tricks
Managing information throughout an alert’s lifecycle can be challenging. There are many instances when we need to recall specific results from enrichment blocks in email templates or in other, often separate, sections of a playbook. Context Values are a simple trick for keeping important information accessible throughout the lifecycle of an alert or case, or even globally in Chronicle SOAR. They can take any name a user might need, and you can specify the scope of each context value so that common names won’t overlap. Learning how to use context values to their full advantage will significantly increase your ability to get the most out of your playbooks.
Follow this link to read “How to Use Context Values”
SecOps Events, Trainings & Content
The Defender’s Advantage Virtual Series (Feb 14)
Explore the six critical functions of Cyber Defense, learn how to build and mature a robust Cyber Defense program, and discover best practices for effective threat detection and response.
January 2023 Threat Horizons Report
This report brings decision-makers strategic intelligence on threats to cloud enterprise users and the best original cloud-relevant research and security recommendations from throughout Google.
Securing Software Supply Chains Report
This is the first report in a new research series that breaks down the most complex, emerging security trends and examines how Google can help enterprises and governments address them.