Mandiant is now part of Google Cloud. Learn more.
Knowledge base
Explore Chronicle resources, including white papers, webinars, case studies and data sheets.
Security Analyst Diaries: Episode 5
Using GeoIP for detection with Chronicle
Security Analyst Diaries: Episode 3
New Ingestion Metrics, New YARA-L Functions, and New VirusTotal Widget Integrations
How Chronicle SIEM Can Help Augment Your SOC Stack
This paper neatly makes the case for adding Chronicle SIEM to your SOC environment, or if you are a current user, describes how to extract additional use case benefits.
Security Analyst Diaries: Episode 6
Domain prevalence, and threat detection with Chronicle SIEM
SANS 2022 SOC Survey
The SANS 2022 SOC Survey evaluates key SOC success measures, including staffing, technology and budgeting. Download the survey today, and immediately compare your team to your peers!
CISO Testimonial Morgan Sindall
Neil Binnie, CISO at Morgan Sindall, explains why Chronicle is the best tool available for countering potential attacks.
Security Analyst Diaries: Episode 2
Scaling your SOC with Context-Aware Detections
Threat Detection, Investigation, and Response in the Cloud
Download this Google Cloud white paper to discover best practices for detection and response in the cloud and how cloud adoption can spark a transformative SecOps journey.
The SOC Modernization Journey
Download this ESG paper to learn more about the role of XDR in the SOC modernization journey and best practices for a successful SOC transformation.
See how modern security operations centers are forging new and symbiotic connections within and outside the organization.
Case Study: Morgan Sindall
Chronicle enables ingestion and analysis of massive amounts of data, improves detection accuracy, and reduces time to incident resolution.
Case Study: BBVA
BBVA, one of the largest financial institutions in the world, uses Chronicle to predict and prevent cyberattacks using custom AI tools.
Security Analyst Diaries: Episode 1
Detecting GCP CIS control violations with native GCP Cloud Audit Logging and Google Chronicle
Security Analyst Diaries: Episode 4
Detection and Response on Google Workspace with Chronicle
INFOGRAPHIC: Have Your SIEM and Augment It Too
These three Chronicle augmentation use cases are proof that a modern SIEM can free you from costliness and complexity as you take on today’s adversaries.
SANS 2022 ATT&CK™ and D3FEND™ Report
Get a better understanding of the ATT&CK and D3FEND frameworks and how they can be utilized to help strengthen incident analysis and response.
ISO/IEC 27001:2013 Certificate
This certificate validates that Chronicle has implemented the guidelines and general principles for initiating, implementing, maintaining, and improving the management of information security.
10X Transformation of the Security Operations Center White Paper
Learn more about Google's approach to modernizing and transforming your security operations center by reading this white paper. It will cover why it is so important to to transform the SOC, what Autonomic Security Operations is and how you can achieve it.
Case Study: Groupon
Using Google Cloud's Chronicle, Groupon has been able to simplify the way they approach threat response, hunting, and investigations. Watch this customer case study video to see how.
Case Study: BetterCloud
Learn how BetterCloud leverages Google Cloud's Chronicle platform to reduce threat investigation time from minutes to seconds. Watch the video to learn more.
Case Study: Paradigm Quest
Paradigm Quest chose Chronicle, Google Cloud’s security analytics platform, to perform detection and investigation at the speed of the search. Learn more in this new customer case study.
Google Cloud and Deloitte White Paper: SOC People, Skills not Tiers
This second paper in our series, “The Future of the SOC” entitled, “SOC People - Skills not Tiers,” focuses on the single most important component of the SOC: the people. Download today to make the most of your SOC through highly skilled SOC analysts, technology, and automation.
ISMG eBook | Cloud Migration: The Chance to Transform Security
Cloud migration isn’t just an opportunity to transform business; it’s a chance to completely re-do the cybersecurity model, says Dr. Anton Chuvakin. He explains the business benefits of security transformation and how to initiate it from day one in the cloud.
Google Security Talks: Chronicle Customer Panel
Join this session to hear directly from organizations about why they chose Chronicle, the impact and metrics they are transforming with Chronicle, and their experience with the rules engine.
Google Security Talks: Detect Everything
The Chronicle platform allows security teams to cost effectively store and analyze petabytes of security data in one place, and perform investigations in seconds. Join this session to learn all about what’s new in Chronicle and see it in action with a live demo.
Tanium + Chronicle Solution Demo
Watch a demo of our Tanium and Chronicle joint solution. Enterprise-class Unified Endpoint Security (UES) paired with massively scalable, cloud-native security analytics.
Detecting Malicious Activity in Large Enterprises
Chronicle sponsored this SANS white paper, written by Matt Bromiley, with the mission of exploring advanced threat detections at enterprise scale. Download a copy to learn about the techniques available to scale organizational growth, no matter how much security data you have.
The Economic Benefits of Chronicle's Analytics Platform
ESG’s analysts confirm the savings that can be realized by leveraging the Chronicle platform. Download this paper to understand how Chronicle customers can expect to spend up to SIX times less with Google Chronicle than alternative solutions.
SANS Webinar: Rethinking Security Detection in an XDR World
Join this SANS webinar, with Google Cloud Security experts to learn more about the dimensions of modern security analytics that will enable you to fully unleash your XDR investment.
Google Cloud and Deloitte White Paper: Future of the SOC
In this paper, Chronicle and Deloitte have joined forces to explore the primary “forces” that are driving the need to change the approach to threat management and security operations. The paper explores how those salient factors are shaping the challenges a modern SOC must overcome to continuously mature.
Case Study: Aspen Skiing Company
Read more about how Aspen Snowmass evaluated various existing and emerging technologies in the security analytics space and chose Chronicle (now part of Google Cloud) for its distinct advantages in addressing their specific needs.
Google Cloud Security: Bright Talk Channel
Visit Google Cloud Security's Bright Talk Channel! Here we host our latest video discussions, upcoming "talks" and other useful on-demand videos.
Streamline Security Analytics and Operations
Watch the latest demo of Chronicle, conducted by Google Cloud Developer Advocate Max Saltonstall, and see how Chronicle is solving many cybersecurity challenges faced by enterprises today.
Cyderes Cloud Native Analytics Platform: Joint Solution Brief
Cyderes Cloud Native Analytics Platform is powered by and built entirely on the Google Cloud Platform and the Chronicle security analytics offering.
Google Cloud Platform Podcast: Chronicle Security with Dr. Anton Chuvakin and Ansh Patniak
It’s cyber security week on the Google Cloud Platform Podcast as Priyanka Vergadia joins Mark Mirchandani to talk with the folks of the Chronicle Security Team.
Case Study: Healthcare Industry Leader
Read about how a global healthcare giant uses Chronicle to improve ROI on their security investments and reduce time to response significantly.
Google Cloud Security Talks
As more and more organizations migrate to the cloud, it’s vital that you take every step possible to protect your data. Get the latest insights by joining us for the Google Cloud Security Talks.
Chronicle Global Security Telemetry Platform Demo
Watch a demo of the Chronicle global security telemetry platform in action. We are a cybersecurity platform that leverages massive data and compute resources to analyze and fight cyber threats.
Chronicle Customer Stories
Our customers are the best storytellers. Hear about their successes with the Chronicle security analytics platform directly from them.
Webinar: Detection, Investigation and Hunting with Chronicle
Watch our webinar to get a deep dive into the new features and capabilities available with our global security telemetry platform. These latest innovations include intelligent data fusion and new threat detection capabilities. Watch now.
Google Chronicle and Palo Alto Cortex XSOAR: Joint Solution Brief
A purpose-built integration between Google Chronicle and Cortex XSOAR now enables customers to combine the real-time threat detection and investigation capabilities of Google Chronicle with the SOAR features of Cortex.
Redefining Security Analytics with Chronicle
Read more about the Chronicle platform, how it works, its security architecture, and key features that make it different than any other big data solution.
IT GRC Forum Webcast: Cornerstones to Fortify Your Enterprise Cybersecurity Defense
Hear from security experts, including Google Cloud's Dr. Anton Chuvakin, discuss why fortifying your cybersecurity strategy should be a critical priority and highlight some best practices that you can employ to stay ahead of evolving threats.
Google Cloud Security Showcase: Investigate beaconing malware with Chronicle
Watch one of our engineers walk through how to investigate a beaconing malware with Chronicle.
Google Cloud Security Showcase: Investigate a phishing attack with Chronicle
Watch one of our engineers walk through how to investigate a phishing attack with Chronicle.
Chronicle for Tanium: Joint Solution Brief
Unlock the power of your security telemetry with Tanium and Chronicle’s joint solution.
Chronicle & Tanium: Unlock the Power of Your Security Telemetry
Together, Tanium and Chronicle provide the best and most accurate endpoint data with unparalleled security analytics and industry-leading threat intelligence, at the speed, scale, and simplicity of Google search.
SANS Webinar: Move to Cloud, A Chance to Finally Transform Security?
Chronicle's Dr. Anton Chuvakin and Brandon Levene, discuss the reality of using a move to cloud as a chance to finally transform your security with SANS moderator Matt Bromiley.
Case Study: Quanta Services
Quanta Services is a leading specialty contractor in North America, providing fully integrated solutions for the electric power, pipeline, industrial and communications industries.

Watch the video
2019 ESG eBook: Industry Trends in the Era of Cloud Computing
ESG surveyed 406 IT and cybersecurity professionals to better understand how they are managing the growing challenges of developing effective security analytics and operations in the era of cloud and digital transformation.
SANS Webinar: How to Get the Most Out of Your Security Data
Learn how you can harness the massive computing power of Chronicle integrated with the powerful insights from VirusTotal to process petabytes worth of data in almost real-time.
(ISC)2 Webinar: Chronicle + VirusTotal = Scale, Speed & Intelligence Multiplied
Harness the massive computing power of Chronicle integrated with the powerful insights from VirusTotal to process petabytes worth of data in almost real-time. Watch how Chronicle can help your organization be better prepared and connected for what comes onto your network.
Carbon Black and Chronicle Webinar: Security Analytics as a Force Multiplier for Threat Hunting
Chronicle and Carbon Black have joined forces to combine comprehensive endpoint telemetry with security analytics at scale to provide a better way to detect attacks, investigate incidents, and proactively hunt for threats. Register for this webinar to learn more.
SANS Webinar: Rethinking your Global Security Platform
Brandon Levene, Chronicle's Head of Applied Intelligence, and SANS Matt Bromiley discuss how the Backstory platform (now Chronicle) offers different and better answers to the largest, ongoing pain points for security professionals. Watch now.
(ISC)2 Webinar: Better Threat Hunting and Investigation with VirusTotal
Get a deeper look into malware campaigns using VirusTotal's newest tools, including improved relational metadata and expanded retroactive and proactive hunting capabilities.
VirusTotal Enterprise for Threat Investigations
VirusTotal Enterprise provides extensive information to accelerate malware threat investigations. Analysts can quickly build a picture of an attack and then use the information to better protect against other attacks.
VirusTotal Enterprise: Get Smarter, Be Safer
VirusTotal Enterprise enables you to hunt for malware, automate analysis, and keep your investigations private and secure.
(ISC)2 Webinar: Chronicle, Rethinking Enterprise Security
Organizations need tools to link intelligence about threats in the wild, threats in your network, and understand unique signals from both. Examine the latest trends in this space, and how Chronicle is looking to solve them at a global scale with speed and efficacy.
Risky Biz Soap Box: Chronicle Launch by Alphabet
Chronicle founder and CSO Mike Wiacek discusses the launch of Chronicle at RSA 2019 with Patrick Gray of Risky Business. Listen now.
SANS Webinar | Detecting Malicious Activity in Large Enterprises
In this webcast, SANS author Matt Bromiley and Chronicle Security's Dr. Anton Chuvakin focus on concepts to effectively detect malicious activity within large enterprises.
Case Study: Telepass
Telepass, the most widely used electronic tolling system across Europe, uses Chronicle to protect their 6 million users from security threats and make mobility a better experience for their customers.
Let’s work together
Ready for Google-speed threat detection and response?
Contact us