Security Customer Newsletter - November 2022

 


 

Hello Cloud Security Champions,

Coinciding with Google Cloud Next '22, Chronicle made some big news. We unveiled Chronicle Security Operations, a modern, cloud-born software suite that unifies SIEM, SOAR and threat intelligence to better enable cybersecurity teams to detect, investigate, and respond to threats with the speed, scale and intelligence of Google.

Read all about this game-changing news and what it means for you here.

 

SecOps Community Spotlight


Last week we unveiled the community's updated brand and design, and we are inviting you to unpack it with us. Check out the new designs, Slack, LinkedIn and the free edition of Chronicle SOAR. Find out what's new, what you already know, and tell us what you think!  

Please also allow us to take this moment to welcome you, old and new community members, to the Google Cloud SecOps community. We are excited to embark on this journey with you all and are eager to know what else we can offer.


Chronicle SIEM Updates

Chronicle has been rebranded to Chronicle SIEM! Check out our newly refreshed website at https://chronicle.security

Curated Detections enhancements

Chronicle Curated Detections has been enhanced with the following additional detection content: 

  • Windows-based threats:
    • Living off the land (LotL): identifies tools native to Microsoft Windows operating systems that can be abused by threat actors for malicious purposes.
  • Cloud attacks and cloud misconfigurations:
    • Cloud Hacktool: detects activity from known offensive security platforms or tools used by threat actors that target resources on Google Cloud.
    • IAM Abuse: detects activity associated with abusing IAM roles and permissions to potentially escalate privilege or move laterally within a given Google Cloud project or across a Google Cloud organization.

Chronicle Feed Management enhancements

Feed Management UI/API: 

  • Customers can configure their out-of-band ingestion on a self-service basis, including fetching data from common cloud object stores and supported SaaS feeds. Customers and partners can see a list of all the feeds that are configured in their environment, add new feeds, and edit and delete feeds, covering over 1000 log types.

This GA launch adds the following capabilities:

  • More user-visible insight into the behavior of feeds, including error messages, so customers can troubleshoot feed errors
  • Self-service feed enablement/disablement
  • Support for namespace labeling to help disambiguate overlapping IP addresses
  • Improved Feed Management User Guide and API documentation

To find a comprehensive list of recent Chronicle Release Notes/Changes, go here.

 

Chronicle SOAR Updates

Siemplify has been rebranded to Chronicle SOAR. You’re probably wondering if there's work for you to do here. Let us put your mind at ease - there is nothing you need to do. Except maybe follow some new social handles!

Here’s what you can expect:

 

SecOps Events, Trainings & Content

Intro to the Chronicle Security Operations Suite (Nov 16)

Explore the Chronicle Security Operations cloud-native suite that enables your security teams to detect, investigate, and respond to cyberthreats with the speed, scale, and intelligence of Google.

Customer Meetup: Detecting Security Threats and Vulnerabilities With Chronicle (Dec 6)

Join our live customer meetup for a safe space to meet with your peers and Googlers, share best practices, ask questions, learn from each other, and connect with those going through a similar journey.

Google Cloud Security Talks (Dec 7)

During this year’s final Google Cloud Security Talks, hear from the experts on how to transform your SecOps, why Zero Trust should be the foundation for your data protection strategy, and a personalized look at the latest threat research.

Modernize Your SOC For The Future (Dec 14)

See how you can transform your security team and how Chronicle Security Operations has cracked the code on speed, scale, automation, and the detection/investigation/response processes.

 






 

 

 

 
