Knowledge base
Explore Chronicle resources, including whitepapers, webinars, case studies and data sheets.
Simplify threat detection, investigation and response (TDIR) using the intelligence, speed and scale of Google.
IDC conducted interviews with various Google Chronicle customers to understand the value, both quantitative and qualitative, it is providing to its customers.
As cloud adoption continues to evolve your attack surface, so should the tools that are protecting your organization.
With an ever-expanding attack surface, Charles Schwab needed a critical partner to bring an advantage in the fight against new and emerging threats. With Google Cloud Security and Chronicle, the financial institution can now scale and enrich data with threat intelligence to become proactive.
Don’t take our word for it. See what our customers have to say about Chronicle Security Operations, from Google Cloud.
To effectively defend against today’s increasingly sophisticated cyberattacks, security operations teams need a fresh approach. This session will outline how Google Cloud is thinking about modern threat detection, investigation, and response.
Switzerland-based IT services and IT consulting company, UMB AG, uses Chronicle SOAR to improve speed, visibility and scalability, resulting in a "win-win" situation for their customers and cyber defense team.
Managed Security Service Provider, Cyderes, needed a robust platform that would allow them to ingest any kind of data at volume and bring automation to their customers. CEO, Robert Herjavec, shares the value Chronicle Security Operations has added to their services, including the application of AI, and the power behind their partnership with Google Cloud.
A manufacturing company turned to Chronicle SIEM to increase visibility, flexibility and speed in their SOC and immediately recognized the benefits. Shortly after transitioning they started receiving alerts they had never seen before, eliminated days of investigation time and found the platform easy enough for anyone on the team to use.
The SANS 2023 SOC Survey explores SOC capabilities, deployment architecture, technology use and satisfaction, capabilities outsourced and satisfaction with outsourced providers.
Access the Gartner report to take your threat detection, investigation and response to the next level.
We polled 400 security leaders and hands-on SecOps practitioners to understand how they identify, protect against, and remediate cloud-based threats. In the report, you'll learn how the move to cloud can transform your security operations today and in the future.
Learn how RAD Cyber Security and CyberSec Services leveraged Chronicle to build fast, effective and highly-differentiated services for their customers.
The industry’s deepest dive yet into the occupational hazards emanating from the SOC and what analysts, engineers and managers can do about them.
Communication is paramount when a security threat is affecting an organization, but there’s a reason most SOC pros chose computing over journalism. Yet the burden is on you to make clear, salient points to the rest of the business about active digital dangers.
Regardless of the size or maturity level of your security operations center, every SOC team must build upon certain foundational principles. From there, teams can develop optimal workflows leading to proactive threat detection, intelligence-driven investigation and response.
Knowing exactly which steps to take when an alert emerges is a prerequisite for successful security operations. Playbooks not only help ensure predictable and consistent results before, during and after an incident, but they also aid in empowering your analysts and cutting down on mistakes.
Download VTE for Threat Investigations to discover how to leverage the full power of VirusTotal.
Hear Telepass explain their adoption of Chronicle to consume all their security events into one place, filter out false positives, respond to real threats more efficiently, and integrate with other Google Cloud security services.
This second paper in our series, “The Future of the SOC” entitled, “SOC People - Skills not Tiers,” focuses on the single most important component of the SOC: the people.
Download this Google Cloud case study to learn how one of the world’s largest shipping companies turned to SOAR to shrink threat response times and demonstrate security value to stakeholders.
Using Chronicle SIEM and SOAR, Secrutiny is able to improve threat detection and response for customers. Watch this customer video to see how.
Using Google Cloud and Chronicle, Vertiv is able to conduct thorough security investigations and close cases faster. Watch this customer video to see how.
Tune in to hear Sunil Potti and Cristina Pitarch from Google Cloud discuss Google's latest thinking and the importance of staying ahead of the ever-changing cybersecurity landscape.
Discover why SANS said Chronicle SIEM is "a paradigm changer in how security investigations are conducted and believe it will be a force multiplier for most security teams."
Download this Google Cloud white paper to discover best practices for detection and response in the cloud and how cloud adoption can spark a transformative SecOps journey.
Domain prevalence, and threat detection with Chronicle SIEM
Chronicle SOAR enables MSSPs to deliver high-value security services with fewer resources, improve margins and keep customers delighted.
In this episode of “Fastest Two Minutes in SecOps,” Google Cloud Principal Security Strategist John Stoner introduces you to the benefits of hunting, and also offers words of caution for teams who may rush into the practice before other competencies of their detection and response are sufficiently built out.
In this webinar, you'll find out why you should augment your existing SIEM with Chronicle and how to create an action plan.
See how modern security operations centers are forging new and symbiotic connections within and outside the organization.
Using GeoIP for detection with Chronicle
In this webinar, learn why detection and response is different in the cloud and how technology can help.
World's largest shipping company turned to SOAR to shrink threat response times and demonstrate security value to stakeholders.
What if your SOC were able to regulate and improve itself like your nervous system does? That's the goal of Autonomic Security Operations and its continuous detection and response loop, explains our Steve Meckl in the latest "Fastest Two Minutes in SecOps" episode.
These three Chronicle augmentation use cases are proof that a modern SIEM can free you from costliness and complexity as you take on today’s adversaries.
Detection and Response on Google Workspace with Chronicle
This paper neatly makes the case for adding Chronicle SIEM to your SOC environment, or if you are a current user, describes how to extract additional use case benefits.
Many cybersecurity technologies and disciplines have maturity models, but there are limited frameworks for security operations teams assessing the growth of their SOAR deployment. Now we have one for you to use.
The "New to Chronicle" series carries on with another primer into rules, this one focusing on building multi-event rules to enhance your SIEM coverage.
Chronicle enables ingestion and analysis of massive amounts of data, improves detection accuracy, and reduces time to incident resolution.
New Ingestion Metrics, New YARA-L Functions, and New VirusTotal Widget Integrations
Read how managed security services providers can stand out from the competition and drive revenue growth in this all-in-one guide.
Download this ESG paper to learn more about the role of XDR in the SOC modernization journey and best practices for a successful SOC transformation.
Get a better understanding of the ATT&CK and D3FEND frameworks and how they can be utilized to help strengthen incident analysis and response.
BBVA, one of the largest financial institutions in the world, uses Chronicle to predict and prevent cyberattacks using custom AI tools.
Scaling your SOC with Context-Aware Detections
Get actionable threat intelligence to ensure your cloud environments are best protected against ever evolving threats.
Detecting GCP CIS control violations with native GCP Cloud Audit Logging and Google Chronicle
"ASO gives CISOs a vision of how to drive security operations transformation, how to identify the top metrics, and how to inspire their workforce to be aligned to the same vision."
Learn more about Google Cloud Security solutions that help customers precipitate change.
Learn more about Google's approach to modernizing and transforming your security operations center by reading this white paper. It covers why it is so important to transform the SOC, what Autonomic Security Operations is and how you can achieve it.
This certificate validates that Chronicle has implemented the guidelines and general principles for initiating, implementing, maintaining, and improving the management of information security.
Cloud migration isn’t just an opportunity to transform business; it’s a chance to completely re-do the cybersecurity model, says Dr. Anton Chuvakin. He explains the business benefits of security transformation and how to initiate it from day one in the cloud.