Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
Chronicle Return to the Chronicle homepage
Security Operations Platform arrow_forward expand_more
Security Operations Platform

Explore the Security Operations Platform for the modern SOC.

Security Operations Platform
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
Detect Detect threats with confidence by storing and analyzing all your security telemetry at Google scale.
Investigate Get faster insights with context and depth of investigation to stay ahead of the latest breaches.
Respond Orchestrate tools, build automation, and collaborate with ease to respond in minutes.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Mandiant Hunt for Chronicle Uncover hidden attacks with elite threat hunters by your side.
SOC Modernization Protect your organization against modern-day threats.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Chronicle CyberShield Helping Governments Defend Against Modern Threats
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners arrow_forward expand_more
Partners

We work together with our partners to help our customers protect themselves.

Partners
Overview Through product integrations and security expertise, together we bring more effective solutions to market.
Solutions for Small to Mid-Sized Business Expert resources for organizations with up to 2000 employees
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Community Join security pros sharing SecOps content and best practices
Contact us Visit the contact us page
Chronicle Return to the Chronicle homepage
Security Operations Platform arrow_forward expand_more
Security Operations Platform

Explore the Security Operations Platform for the modern SOC.

Security Operations Platform
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
Detect Detect threats with confidence by storing and analyzing all your security telemetry at Google scale.
Investigate Get faster insights with context and depth of investigation to stay ahead of the latest breaches.
Respond Orchestrate tools, build automation, and collaborate with ease to respond in minutes.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Mandiant Hunt for Chronicle Uncover hidden attacks with elite threat hunters by your side.
SOC Modernization Protect your organization against modern-day threats.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Chronicle CyberShield Helping Governments Defend Against Modern Threats
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners arrow_forward expand_more
Partners

We work together with our partners to help our customers protect themselves.

Partners
Overview Through product integrations and security expertise, together we bring more effective solutions to market.
Solutions for Small to Mid-Sized Business Expert resources for organizations with up to 2000 employees
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Community Join security pros sharing SecOps content and best practices
Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
IDC Study: Customers cite 407% ROI with Google Chronicle. Learn More IDC Study: Customers cite 407% ROI with Google Chronicle. .
Recapping Siemplify SOAR's biggest summer updates
Kristen Cooper
Product Marketing, Google Cloud Security
September 1, 2022

This summer has delivered serious innovation across Google Cloud's Siemplify SOAR product to help customers enable modern, fast, and effective threat response. Building on our May announcement—SOAR for the age of anywhere operations—we continued our momentum and attention to the technology with a host of new features dedicated to driving efficient security operations. In case you missed any of these valuable additions, here’s a quick recap: 

1) Manage playbook permissions

The playbook creator can now manage access and editing rights for specific users or SOC roles for their playbook. How does this relate to the real world? For example, enterprise customers can now restrict access to sensitive playbooks or prevent engineers from overriding your work while building a playbook. MSSP customers can now build playbooks in their own environment while still collaborating with the MSSP's engineers.

2) New MSSP user licenses

Specifically for MSSP customers, we’ve introduced two new licenses that will better support MSSPs that want to run a hybrid SOC together with their end customers. These licenses assist MSSPs in defining how they wish to collaborate with their customers—who can do what. 

3) Ingest alerts with webhooks

We’ve introduced webhooks as an easy, lightweight solution for pushing alerts from third-party systems into Siemplify SOAR.

4) Rerun playbooks

Customers can rerun playbooks attached to alerts in a case in order to update results since the previous run, check steps that failed in a playbook, or check logic changes done via the playbook designer.

5) Approve manual playbook actions with a single click

Playbook creators can now utilize one time approval links which enable end users to approve or decline a manual action from wherever they are—including third-party apps like email or Slack, without the need for authentication.   

6) Enhanced user management

A host of improvements include authenticating internal users by email address, self-service password creation for newly created users, self-recovery of passwords, the ability to delete a user, and additional flexibility in editing user properties and login details.

7) Additional customization options

Customize actions and playbooks with asynchronous editing actions; improve case investigation flow with the ability to add or edit entity enrichment properties from various system screens; and create custom landing pages based on user type.

8) Improved marketplace

Seven new integrations have been released and more than 50 existing integrations received added capabilities. In addition, the marketplace use cases now include out-of-the-box ontology rules.

Check out these new additions and let us know what you think. Also be sure to join us Oct. 11 to 13 at Google Next and stay tuned for more exciting announcements. There’s much more to come, and we can’t wait to show you what’s on deck!

Let’s work together

Ready for Google-speed threat detection and response?

Contact us Visit the contact us page