Google on SecOps
A blog helping you win at security operations through best practices, new ideas, product updates, and more.
May 19, 2022
How to power up your SOC training to improve detection, investigation, and response
July 6, 2022
Fastest Two Minutes in SecOps: Cloud security [Video]
June 14, 2022
A simple SOAR adoption maturity model
August 4, 2022
Security Analyst Diaries #4: Detection and Response on Google Workspace with Chronicle
All the latest
December 16, 2021 / by Rick Correa, Sharat Ganesh
Detecting and responding to Apache “Log4j 2” using Google Chronicle

In this post, we will share how customers can detect and respond to Log4j 2, and discuss solutions available to Chronicle customers to manage the risk of the Apache “Log4j 2” vulnerability (CVE-2021-44228 and CVE-2021-45046).

April 20, 2021
New Chronicle integrations with leading SOAR platforms
As enterprises look to more efficiently manage the incident response process, Security Orchestration, Automation, and Response (SOAR)…
October 12, 2020 / by Anton Chuvakin
Why is Threat Detection Hard?
May 10, 2022 / by Dan Trotman
Partnering in Europe to outsmart digital adversaries: Managed security providers and Google Cloud Security

Google Chronicle and EMEA-based MSSP Hunt & Hackett have partnered to deliver advanced managed detection and response services.

August 11, 2022 / by Dan Kaplan
Fastest Two Minutes in SecOps: Autonomic Security Operations [Video]

What if your SOC were able to regulate and improve itself like your nervous system does? That's the goal of Autonomic Security Operations and its continuous detection and response loop, explains our Steve Meckl in the latest "Fastest Two Minutes in SecOps" episode.

March 16, 2022 / by Mike Hom, Travis Lanham
Powering Security Operations with context-aware detections, alert prioritization and risk scoring in Google Chronicle.
October 11, 2021 / by Rajesh Gwalani
Investigate threats surfaced in Google Cloud’s Security Command Center using Chronicle

Today we’re excited to announce a brand new integration between Chronicle and Security Command Center, Google Cloud’s security and risk management platform.

July 11, 2022 / by Dan Kaplan
How Chronicle SIEM can help augment your SOC stack [New paper]

Introducing a new paper conveying the value of Google Chronicle augmentation, designed for organizations experiencing detection and response blind spots, namely limited visibility into security telemetry, scalability challenges, and inconsistent response capabilities.

May 23, 2022 / by Dan Kaplan
Fastest Two Minutes in SecOps: Top SOC Challenges [Video]

A brand-new Google Cloud Security video series launches, covering all things security operations. The premiere episode of "Fastest Two Minutes in SecOps" addresses top SOC challenges.

March 25, 2020 / by Anton Chuvakin
So, Chronicle, Are You a SIEM?
February 22, 2022
Join us for Google Cloud Security Talks: Threat Detection & Response Edition

Learn about everything related to threat detection, investigation and response in our Q1 2022 Google Cloud Security Talks.

March 5, 2020
One Year…and Counting!
With RSA 2020 upon us, it’s been one year since we announced our security analytics platform. We decided to start by doing one thing…
July 26, 2022 / by Dan Kaplan
What it means to do threat detection, investigation, and response in the cloud [New paper]

Cloud applications and infrastructure are different to defend than on-premises environments. This new whitepaper will guide security operations teams through the distinctions, nuances, and opportunities presented by the cloud.

June 15, 2022 / by Dan Kaplan
Fastest Two Minutes in SecOps: Ransomware [Video]

In the latest episode of "Fastest Two Minutes in SecOps," Diaz tells security operations professionals everything they need to know about how ransomware is evolving and key pointers to consider in a detection and response strategy.

April 15, 2020
Working with ElevenPaths

This morning, Telefonica’s ElevenPaths announced its collaboration with Chronicle, to begin building new managed security services. MSSPs…

April 5, 2022 / by Sharat Ganesh
How Managed Security Service Providers can accelerate their business with Google Cloud Security’s Partner Program using Google Chronicle

We are excited to announce our new Chronicle MSSP Program, which will offer MSSPs around the world the ability to provide scalable, differentiated, and effective detection and response capabilities with our cloud-native SIEM product, Chronicle.

May 6, 2021
Introducing Threat Intel for Chronicle
Today we’re excited to announce Google Cloud Threat Intelligence for Chronicle, a new applied threat intelligence service available to…
June 2, 2022 / by Sharat Ganesh, Josh Karp
How cybersecurity technology providers can harness Google Cloud’s security technologies with a new OEM partner program

Google Cloud Security’s OEM Partner Program accelerates technology partner innovation with Chronicle and VirusTotal capabilities.

August 4, 2021 / by Rajesh Gwalani
Introducing brand new visualizations in Chronicle

Today, we’re excited to announce that we’re bringing more industry-leading Google technology to security teams by integrating Chronicle with Looker and BigQuery.

May 12, 2022 / by Dan Kaplan
Learn, connect, and be inspired at Google Cloud Security Summit 2022 [plus how to stream it live]

Google Cloud Security Summit happens Tuesday. Here is a look at what you can expect at the big virtual event for information security professionals.

May 7, 2022 / by Dan Kaplan
[Infographic] The SOC Ecosystem

This slick Google Cloud infographic illustrates how modern security operations centers are forging new and symbiotic connections within and outside the organization.

August 2, 2022 / by Dan Kaplan
[Infographic] Have your SIEM ... and augment it too

If you make the wise decision to augment your SIEM with Chronicle, here are three compelling use cases illustrated that will help you achieve affordability, scalability and better response.

November 18, 2021 / by Anton Chuvakin
New Paper: “Autonomic Security Operations — 10X Transformation of the Security Operations Center”

It is with much excitement that we release a new paper about transforming your security operations, published under the Office of the CISO at Google Cloud.

November 7, 2020 / by Anton Chuvakin
Hearing from CISOs at Google Cloud and Beyond
May 27, 2021 / by Matthew Svensson
How to dynamically correlate Google Cloud Compute Engine instance network traffic using Chronicle
Following up from last week’s blog post on why network security telemetry matters today, our guest author Matt Svensson, a Senior Security…
April 20, 2021 / by Anton Chuvakin
Today, You Really Want Cloud Native SIEM Capabilities!

One thing I did not expect to see in 2021 is a lot of people complaining about how difficult their SIEM is to operate. Let’s explore this topic for the (n+1)-th time.

June 27, 2022 / by Dan Kaplan
How to think about cloud threats today

In the cloud, are these new threats, or old and familiar threats against relatively new assets? What does the future potential hold for your adversaries? And what can your security operations team do to get ahead of this fast-moving landscape?

April 29, 2021
New SOC Prime detection rules available in Chronicle

The Chronicle team is excited to release new SOC Prime detection rules, now available to use in the Chronicle Detect rules engine.

February 4, 2022 / by Chris Martin
Security Analyst Diaries: Detecting GCP CIS control violations with native GCP Cloud Audit Logging…

For our first diary entry we wanted to highlight key feature favorites this particular customer loved...

May 12, 2021
Introducing Chronicle Detect

Modern detection for modern threats...

May 17, 2022 / by Kristen Cooper
Introducing SOAR for the age of anywhere operations

The latest release of Siemplify SOAR sets you up with the building blocks you need—cloud infrastructure, automation, collaboration, and analytics—to take your response to the next level.

May 31, 2022 / by Kristen Cooper
Three ways to stay one step ahead in a competitive MSSP market

Introducing the Siemplify (now part of Google Cloud) MSSP SecOps Program, which is uniquely poised to offer customers a new way to think about the SOC, from insights to risk reduction to help with the maturity lifecycle for the enterprise.

May 14, 2021 / by Anton Chuvakin
Why your network security telemetry matters
March 30, 2021
Predictive Analytics for Cyber in Enterprises: Setting the PACE with Google Cloud Chronicle and…
As more organizations embrace hybrid, multi-cloud environments and a work-from-anywhere model, security teams are realizing they operate…
August 4, 2020
Building a Modern Endpoint Architecture with Tanium
Today, we are announcing an expanded partnership with Tanium, which includes joint solutions between Tanium Threat Response and Chronicle…
August 1, 2022 / by John Stoner
New to Chronicle: Unified data model

As part of the "New to Chronicle" series, our John Stoner walks you through Chronicle's unified data model schema and how it empowers your analysis and decision-making.

May 14, 2021 / by Anton Chuvakin
Q&A Blog: Trends for the Modern SOC