Make your analysts 10x more productive.
Tackle your toughest security challenges with our focused, pre-built applications.
THREAT HUNTING AND INVESTIGATION
Quickly evaluate alerts and understand attack details
Triaging a stream of security alerts can wear out even the best analysts, causing them to miss real threats. That’s why Chronicle works at the speed of search, returning a full picture of the activity around an alert. Hunt for a domain, URL, file hash, or user name and see everything that led up to an incident, and everything after. Pivot, drill down, and zoom out to get the full story, all in a few seconds.

Chronicle’s threat investigation capabilities build on continuous, automated, and retroactive correlation of all your security telemetry with a variety of threat intelligence sources. This includes context from VirusTotal; embedded threat intelligence sources including Proofpoint, DHS, Avast, and AVG; and customer-provided threat intelligence feeds. With Chronicle, investigations and hunts that might have taken days to complete can be performed in seconds, making your analysts far more productive.
THREAT DETECTION
Detect modern threats at Google speed and scale
Chronicle threat detection starts with its Unified Data Model (UDM), a comprehensive and extensible schema for any security-relevant telemetry. Data sent to Chronicle’s UDM is enriched with context (asset, user, threat intelligence, and vulnerabilities) and correlation (IP to host, for example). A powerful rules engine syntax (YARA-L) enables analysts to easily build detection rules for advanced and complex threats by operating on abstracted and enriched UDM data.

A library of extensible pre-built rules provides out-of-the-box coverage for numerous malware variants, ransomware, trojans, suspicious behavior, MITRE ATT&CK techniques, LOLBin attacks, and more. Chronicle customers can also take advantage of detection rules and threat indicators from Uppercase, Chronicle’s dedicated threat research team.
MALWARE ANALYSIS
Explore a global malware information system
VirusTotal Enterprise enables malware analysis using one of the largest malware intelligence databases in the world. Link and visualize malware relationships between external files, domains and internal assets with Private Graph, or perform YARA and content-based searches for malware samples with VirusTotal Intelligence. Want to stay up to date on the latest threats? Use VirusTotal Hunt to get alerts whenever new malware types are detected.
Get in touch
The path to stronger, more affordable cybersecurity starts here. Contact us to request a demo, ask questions, or just say hi.