Chronicle Security Operations is coming off a pivotal third quarter. Not only did we announce a unified approach to TDIR, but we also continued to make enhancements to everyday functionality. Dive into the top features below to see how Chronicle is adding value to customers’ day-to-day operations while also reducing legacy SIEM headaches.
Unified Security Operations Experience
Say goodbye to console switching. Our new consolidated experience for Chronicle SIEM and Chronicle SOAR streamlines the TDIR experience so you can easily access relevant context and pivot between alerts, cases, investigation, and playbooks.
Integration with Mandiant Attack Surface Management
Continuously identify and validate exploitable entry points into your organization with the new Mandiant Attack Surface Management integration.
Enrich Events with Applied Threat Intelligence
Automatically enrich and contextualize every event with the latest, market-leading threat intelligence from Google Cloud, Mandiant, and VirusTotal to help eliminate blind spots and ultimately detect more threats.
With Duet AI, you can now enter questions in natural language and Chronicle will generate the query from your statement, present a fully mapped syntax for search, and make it possible for you to quickly refine and iterate on results.
You can also leverage Duet AI to automatically get a clear summary of what’s happening in cases, receive context and guidance on important threats, and get recommendations for how to respond.
Expert Help from Mandiant Threat Hunters
Close the skills gap and gain elite-level support without the burden of hiring, tooling, and training. With Mandiant Hunt for Chronicle, you can now have Mandiant experts continuously hunt for threats in your environment.
Self-service Parser Management
Gain full control over how your logs are normalized. With new self-service parser management, you can now easily create and customize parsers.
Power More Complete Data Analytics
Level up data exploration, advanced analytics, dashboarding and reporting of your UDM events data with the new BigQuery UDM events table.
Intelligent Query Creation
Expand exploration across the product with new UDM search capabilities including reverse-lookup against UDM fields and suggested starting points from history, saved searches, and shared search.
Expanded Regional Support
Meet long-term compliance and jurisdictional requirements with expanded regional support. Our most recent additions include data centers in London, Sydney and now, Tel Aviv.
Interested in seeing more? Schedule a demo today to see how you can leverage these new features.