Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
Chronicle Return to the Chronicle homepage
Security Operations Platform arrow_forward expand_more
Security Operations Platform

Explore the Security Operations Platform for the modern SOC.

Security Operations Platform
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
Detect Detect threats with confidence by storing and analyzing all your security telemetry at Google scale.
Investigate Get faster insights with context and depth of investigation to stay ahead of the latest breaches.
Respond Orchestrate tools, build automation, and collaborate with ease to respond in minutes.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Mandiant Hunt for Chronicle Uncover hidden attacks with elite threat hunters by your side.
SOC Modernization Protect your organization against modern-day threats.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Chronicle CyberShield Helping Governments Defend Against Modern Threats
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners arrow_forward expand_more
Partners

We work together with our partners to help our customers protect themselves.

Partners
Overview Through product integrations and security expertise, together we bring more effective solutions to market.
Solutions for Small to Mid-Sized Business Expert resources for organizations with up to 2000 employees
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Community Join security pros sharing SecOps content and best practices
Contact us Visit the contact us page
Chronicle Return to the Chronicle homepage
Security Operations Platform arrow_forward expand_more
Security Operations Platform

Explore the Security Operations Platform for the modern SOC.

Security Operations Platform
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
Detect Detect threats with confidence by storing and analyzing all your security telemetry at Google scale.
Investigate Get faster insights with context and depth of investigation to stay ahead of the latest breaches.
Respond Orchestrate tools, build automation, and collaborate with ease to respond in minutes.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Mandiant Hunt for Chronicle Uncover hidden attacks with elite threat hunters by your side.
SOC Modernization Protect your organization against modern-day threats.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Chronicle CyberShield Helping Governments Defend Against Modern Threats
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners arrow_forward expand_more
Partners

We work together with our partners to help our customers protect themselves.

Partners
Overview Through product integrations and security expertise, together we bring more effective solutions to market.
Solutions for Small to Mid-Sized Business Expert resources for organizations with up to 2000 employees
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Community Join security pros sharing SecOps content and best practices
Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
Mandiant is now part of Google Cloud. Learn More Mandiant is now part of Google Cloud. .

Google on SecOps

A blog helping you win at security operations through best practices, new ideas, product updates, and more.

September 28, 2023
New to Chronicle: Dashboarding - Using Pivot to Create a Time Chart
Read article New to Chronicle: Dashboarding - Using Pivot to Create a Time Chart
September 14, 2023
New to Chronicle: Dashboarding - Tabular Summary of Detections
New to Chronicle: Dashboarding - Tabular Summary of Detections
September 07, 2023
The power of BeyondCorp Enterprise with Chronicle
The power of BeyondCorp Enterprise with Chronicle
August 29, 2023
New To Chronicle: Building Our First Dashboard Tile
New To Chronicle: Building Our First Dashboard Tile
All the latest
Click for Chronicle's RSS feed
Filter topics:
Sort: Latest
November 30, 2023
New to Chronicle: Saved Searches
November 14, 2023
The Value of Early Knowledge; Discover Active Breach Investigations as They Happen
November 9, 2023
New to Chronicle: Formatting, Filtering and Sharing Dashboards
November 7, 2023
Chronicle Security Operations Q3 Feature Roundup
October 11,2023
New to Chronicle: Building Dashboards Using Custom Fields
September 28, 2023
New to Chronicle: Dashboarding - Using Pivot to Create a Time Chart
September 14, 2023
New to Chronicle: Dashboarding - Tabular Summary of Detections
September 07, 2023
The power of BeyondCorp Enterprise with Chronicle
August 29, 2023
New To Chronicle: Building Our First Dashboard Tile
August 15, 2023
New to Chronicle: Detecting Tor Exit Nodes and Remote Access Tools
August 8, 2023
Chronicle Security Operations Q2 Feature Roundup
August 3, 2023
Better Together: Detecting Suspicious Okta Events with Chronicle Detections
July 27, 2023
New to Chronicle: User Mailbag, Part 2
July 13, 2023
New to Chronicle: User Mailbag, Part 1
June 22, 2023
New to Chronicle: First and Last Seen
June 8, 2023
New to Chronicle: Grouped Fields
May 25, 2023
A Look Back at Curated Detections
May 23, 2023
New to Chronicle: Pivoting in UDM Search - Part 2 of 2
May 11. 2023
New to Chronicle: Pivoting in UDM Search - Part 1 of 2
May 9, 2023
Chronicle Security Operations Q1 Feature Roundup
April 20, 2023
New To Chronicle: Adding Prevalence to Your Analysis
April 13, 2023
New to Chronicle: Building Rules with Your Own Threat Intel Part 2
March 29, 2023
New to Chronicle: Building Rules with Your Own Threat Intel Part 1
March 20, 2023
Chronicle Security Operations Feature Roundup
March 9, 2023
New to Chronicle: Safe Browsing Integration
February 23, 2023
New to Chronicle: Building Rules with Contextual Awareness
February 14, 2023
New To Chronicle: VirusTotal Intelligence Enrichment
February 9, 2023
Using Automated GeoIP Enrichment in Chronicle
February 2, 2023
New to Chronicle: Contextual Awareness
January 9, 2023
New to Chronicle: A potpourri of functions
January 5, 2023
3 questions to ask when adding to your security operations tech stack
December 21, 2022
5 security operations trends and tips for 2023
December 14, 2022
New to Chronicle: Fall is the perfect time for CIDR, particularly in functions and reference lists
December 7, 2022
How threat detection and incident response compare and contrast between cloud and on-premises
December 1, 2022
New to Chronicle: Regular expressions and reference lists
November 16, 2022
New to Chronicle: A new view for search
November 7, 2022
New to Chronicle: The replacements
November 2, 2022
How to kickstart automation for your security operations
October 26, 2022
Fastest Two Minutes in SecOps: Threat hunting [Part 2] [Video]
October 20, 2022
New to Chronicle: Capturing strings for additional analysis
October 13, 2022
Chronicle Security Operations launch: 3 things to know
October 10, 2022
New to Chronicle: Matching with regular expression functions
October 6, 2022
Your security operations playlist and how to register for Google Cloud Next 2022
October 5, 2022
Fastest Two Minutes in SecOps: Incident response [Video]
October 3, 2022
Meet Google's detection and response team in HACKING GOOGLE, a new six-part docuseries
September 27, 2022
Security Analyst Diaries #6: Finding the proverbial needle in a haystack with Chronicle SIEM's domain prevalence
September 22, 2022
New to Chronicle: Rule outcomes
September 21, 2022
3 key signs your managed security provider is prepared to detect and respond to cloud threats
September 12, 2022
Fastest Two Minutes in SecOps: Threat hunting [Part 1] [Video]
September 6, 2022
New to Chronicle: Multi-event rules
August 24, 2022
How Google detects and responds to threats across its network
August 18, 2022
New to Chronicle: Single event rules
August 11, 2022
Fastest Two Minutes in SecOps: Autonomic Security Operations [Video]
August 4, 2022
Security Analyst Diaries #4: Detection and Response on Google Workspace with Chronicle
August 2, 2022
[Infographic] Have your SIEM ... and augment it too
August 1, 2022
New to Chronicle: Unified data model
July 26, 2022
What it means to do threat detection, investigation, and response in the cloud [New paper]
July 20, 2022
What can you learn from this Google-commissioned survey on cloud risk?
July 6, 2022
Fastest Two Minutes in SecOps: Cloud security [Video]
June 27, 2022
How to think about cloud threats today
June 14, 2022
A simple SOAR adoption maturity model
June 2, 2022
How cybersecurity technology providers can harness Google Cloud’s security technologies with a new OEM partner program
June 1, 2022
Security Analyst Diaries #3: New ingestion metrics, new YARA-L functions, new VT widget
May 31, 2022
Three ways to stay one step ahead in a competitive MSSP market
May 23, 2022
Fastest Two Minutes in SecOps: Top SOC Challenges [Video]
May 19, 2022
How to power up your SOC training to improve detection, investigation, and response
May 17, 2022
Introducing SOAR for the age of anywhere operations
May 12, 2022
Learn, connect, and be inspired at Google Cloud Security Summit 2022 [plus how to stream it live]
May 10, 2022
Partnering in Europe to outsmart digital adversaries: Managed security providers and Google Cloud Security
May 7, 2022
[Infographic] The SOC Ecosystem
April 29, 2022
Gartner SOAR Magic Quadrant: When, where, and how?
April 5, 2022
How Managed Security Service Providers can accelerate their business with Google Cloud Security’s Partner Program using Google Chronicle
March 18, 2022
Security Analyst Diaries #2: Detect-alert-respond, context is key everywhere in security operations
March 16, 2022
Powering Security Operations with context-aware detections, alert prioritization and risk scoring in Google Chronicle.
February 22, 2022
Join us for Google Cloud Security Talks: Threat Detection & Response Edition
February 4, 2022
Security Analyst Diaries: Detecting GCP CIS control violations with native GCP Cloud Audit Logging…
December 30, 2021
9 security orchestration and automation benefits: How SOAR helps improve incident response
December 16, 2021
Detecting and responding to Apache “Log4j 2” using Google Chronicle
December 8, 2021
Your security operations cheat sheet for Windows and Linux logs (and how to tie them to the MITRE ATT&CK Framework)
November 18, 2021
New Paper: “Autonomic Security Operations — 10X Transformation of the Security Operations Center”
October 11, 2021
Investigate threats surfaced in Google Cloud’s Security Command Center using Chronicle
October 6, 2021
8 best practices for secure remote work access
September 27, 2021
Understanding SOC team roles and responsibilities
August 4, 2021
Introducing brand new visualizations in Chronicle
May 27, 2021
How to dynamically correlate Google Cloud Compute Engine instance network traffic using Chronicle
May 26, 2021
How to create an automated traffic allow list by Compute Engine instance type in Chronicle
May 14, 2021
Why your network security telemetry matters
May 14, 2021
Q&A Blog: Trends for the Modern SOC
May 12, 2021
Introducing Chronicle Detect
May 6, 2021
Introducing Threat Intel for Chronicle
April 29, 2021
New SOC Prime detection rules available in Chronicle
April 20, 2021
Today, You Really Want Cloud Native SIEM Capabilities!
February 2, 2021
New Paper: “Future of the SOC: SOC People — Skills, Not Tiers”
November 7, 2020
Hearing from CISOs at Google Cloud and Beyond
October 12, 2020
Why is Threat Detection Hard?
August 20, 2020
New Paper: “Future of the SOC: Forces shaping modern security operations”
August 4, 2020
Building a Modern Endpoint Architecture with Tanium
May 15, 2020
What is SIEM? The roadmap to a better SOC
March 5, 2020
One Year…and Counting!
August 16, 2018
What you should know about driving down MTTD and MTTR

Let’s work together

Ready for Google-speed threat detection and response?

Contact us Visit the contact us page