In this post, we will share how customers can detect and respond to Log4j 2, and discuss solutions available to Chronicle customers to manage the risk of the Apache “Log4j 2” vulnerability (CVE-2021–44228 and CVE-2021–45046).

In this episode of "Fastest Two Minutes in SecOps," Chronicle Security Specialist Rishalin Pillay breaks down the role of the SOC practitioner during an unfolding incident.

Google Chronicle and EMEA-based MSSP Hunt & Hackett have partnered to deliver advanced managed detection and response services.

With today’s rapidly escalating threat landscape, it is important that our customers have access to all context across their entire IT stack while responding to malicious threats.

How can you succeed in the cloud’s new detection (and response) context, architect a more resilient cloud, keep SOC teams less frustrated and more upbeat, and most of all leverage the cloud to kickstart your security operations transformation? In this video, Herald boils down a very big conversation—cloud security—into something salient and actionable. Enjoy!

As you canvas the growing pool of MDR options, here are some worthy questions you can ask to see how they stack up in their ability address cloud threats, summarized from a recent episode of the Cloud Security Podcast from Google.

Today we’re excited to announce a brand new integration between Chronicle and Security Command Center, Google Cloud’s security and risk management platform.

Introducing a new paper conveying the value of Google Chronicle augmentation, designed for organizations experiencing detection and response blind spots, namely limited visibility into security telemetry, scalability challenges, and inconsistent response capabilities.

A brand-new Google Cloud Security video series launches, coverings all things security operations. The premier episode of "Fastest Two Minutes in SecOps" addresses top SOC challenges.

In this episode of “Fastest Two Minutes in SecOps,” Google Cloud Principal Security Strategist John Stoner introduces you to the benefits of hunting, and also offers words of caution for teams who may rush into the practice before other competencies of their detection and response are sufficiently built out.

Learn about everything related to threat detection, investigation and response in our Q1 2022 Google Cloud Security Talks.

Cloud applications and infrastructure are different to defend than on-premises environments. This new whitepaper will guide security operations teams through the distinctions, nuances, and opportunities presented by the cloud.

This morning, Telefonica’s ElevenPaths announced its collaboration with Chronicle, to begin building new managed security services. MSSPs…

In the latest episode of "Fastest Two Minutes in SecOps," Diaz tells security operations professionals everything they need to know about how ransomware is evolving and key pointers to consider in a detection and response strategy.

Security operations center roles and responsibilities are fairly straightforward, but distinct in their requirements.

Building on our "SOAR for the age of anywhere operations" announcement, we continued our momentum and attention to the technology with a host of new features dedicated to driving efficient security operations.

While remote work offers many benefits to companies, it presents special security challenges that are not present in traditional office environments. This post identifies those challenges, explains how they change the nature of cybersecurity requirements and offers tips on how to secure remote access.

Google Cloud Security’s OEM Partner Program accelerates technology partner innovation with Chronicle and VirusTotal capabilities.

Dear diary, it's all about location, location, location. And Chronicle's GeoIP functionality delivers a simple and powerful use case to drive context-rich alarms within the SOC and detect login compromises.

We are excited to announce our new Chronicle MSSP Program, which will offer MSSPs around the world the ability to provide scalable, differentiated, and effective detection and response capabilities with our cloud-native SIEM product, Chronicle.

Google Cloud Security Summit happens Tuesday. Here is a look at what you can expect at the big virtual event for information security professionals.

For all the gripping drama and never-before-told stories that the series offers, particularly compelling for security operations professionals is Episode 002: Detection & Response, in which incident responders look back on the January 2001 North Korean-led operation that sought to socially engineer security researchers and infiltrate their digital properties. Google was one of the victims.

This slick Google Cloud infographic illustrates how modern security operations centers are forging new and symbiotic connections within and outside the organization.

Today, we’re excited to announce that we’re bringing more industry-leading Google technology to security teams by integrating Chronicle with Looker and BigQuery.

Integrating SOAR into your SOC can increase efficiency and effectiveness by correlating alerts from disparate security devices, automating tasks, and providing playbooks for incident handling.

It is with much excitement that we release a new paper about transforming your security operations, published under the Office of the CISO at Google Cloud.

If you make the wise decision to augment your SIEM with Chronicle, here are three compelling use cases illustrated that will help you achieve affordability, scalability and better response.

With the rebuild of the Chronicle website, we made improvements to its infrastructure to better automate the content management workflow within Kintaro and Google Sheets.

One thing I did not expect to see in 2021 is a lot of people complaining about how difficult their SIEM is to operate. Let’s explore this topic for the (n+1)-th time.

In the cloud, are these new threats, or old and familiar threats against relatively new assets? What does the future potential hold for your adversaries? And what can your security operations team do to get ahead of this fast-moving landscape?

In this post, we will, however, attempt to provide insights on what a magic quadrant might look like for SOAR and what basis could be used for rating SOAR platforms.

The Chronicle team is excited to release new SOC Prime detection rules, now available to use in the Chronicle Detect rules engine.

Security information and event management (SIEM) tools are used to help enable just that—gathering critical machine-generated data, measuring threats, generating alerts and supporting IT security personnel with aggregations, charts and dashboards to highlight and prioritize events or deficiencies.

Prevalence has been a core feature of the Chronicle Security Operations suite since its inception. It provides the capability to build a unique baseline of network accesses commonality, and is used by security analysts to quickly determine unusual or beaconing activity. 

For our first diary entry we wanted to highlight key feature favorites this particular customer loved...

Modern detection for modern threats...

The latest release of Siemplify SOAR sets you up with the building blocks you need—cloud infrastructure, automation, collaboration, and analytics—to take your response to the next level.

Introducing the Siemplify (now part of Google Cloud) MSSP SecOps Program, which is uniquely poised to offer customers a new way to think about the SOC—from insights to risk reduction to help with the maturity lifecycle for the enterprise.

So far, our new to Chronicle series has introduced UDM and built a detection on a single event. From there, we moved into correlating across multiple events. Today, we are going to introduce another section of YARA-L called outcome.

As part of the "New to Chronicle" series, our John Stoner walks you through Chronicle's unified data model schema and how it empowers your analysis and decision-making.

The "New to Chronicle" series carries on with another primer into rules, this one focusing on building multi-event rules to enhance your SIEM coverage.

Discover how Chronicle provides native integrations for Google Workspace, a modern productivity and collaboration suite.

SOC training is an important way to not only make analysts better prepared to battle adversaries, but also to make them know leaders are investing in their skills and giving them an opportunity to grow. Here is how to get it right.