Chronicle news

Siemplify allows SOC analysts to manage their operations from end-to-end, respond to cyber threats with speed and precision, and get smarter with every analyst interaction. The technology also helps improve SOC performance by reducing caseloads, raising analyst productivity, and creating better visibility across workflows. Siemplify’s capabilities will be integrated into Chronicle in ways that help enterprises modernize and automate their security operations.

For an EDR solution to become an XDR solution, it requires a combination of first accumulating data from the existing IT security stack, and then extending the EDR data analytics to also analyze the accumulated data. Cybereason has partnered with Google Chronicle to provide the data accumulation. And it has extended its MalOps analytics engine to examine the wider set of elements, such as email, SaaS solutions, and cloud. Cybereason XDR is no longer the first source of the data. Best of breed solutions can onboard their data into the new system and the customer gets the best solution from Google, SIEMs, and other tools combined with Cybereason's hunting engine.

Google Chronicle capabilities are being boosted considerably through integrations with Google Cloud data analytics services Looker and BigQuery.  The integrations with Looker, which is a business intellgence platform, and BigQuery, a data warehouse service, will help to expand Chronicle's reporting, compliance, visual security workflow and data exploration capabilities.

Google Cloud today unveiled new offerings to support its cloud platform, products and services with "engineered-in, invisible security." The security products and services include the integration of its cloud-native Chronicle security analytics platform with its Looker and BigQuery analytics platforms, Automnomic Security Operations and the previews of managed intrusion detection system and a risk protection program.

Google and CrowdStrike are linking half a dozen of their cybersecurity tools to make it easier for information technology teams to spot malware in their companies' systems. The Falcon platform can now send security information from a company's environment to Google's cloud-based Chronicle analytics platform, which allows cybersecurity experts to sift through the information for signs of a breach.

The deal marks BBVA out as the first bank in Europe to deploy Google Cloud’s security analytics platform, Chronicle, which is designed to aid the swift detection of security threats at scale by allowing IT teams to store and analyse all their security in one place.

Taking advantage of a next generation rules engine from Google, Chronicle Detect is expected to boost overall threat detection, delivering improved speed, and a language designed specifically for the detailing of threat behaviors, in addition to new rules and indicators.

Google Cloud today took the wraps off Chronicle Detect, a new threat-detection solution built on its infrastructure to help enterprises move from legacy security tools to a modern system that can quickly identify threats at scale.

The tool is the culmination of Chronicle's efforts to build a rules engine that can handle complex analytic events, flesh out a new threat detection language tuned for modern attacks and take advantage of the security advantages offered by Google's scale.

…the two companies are launching a new solution that combines Google’s own Chronicle offering (a security analytics platform) with Tanium’s Threat Response platform. According to Google, this joint solution was designed to aid in the detection, investigation and scoping of APTs (long-lived, advanced attacks)…

Through the integration between Chronicle security analytics and Tanium's unified endpoint security, joint customers have greater capabilities around hunting for threats, accelerating incident response, and reducing costs.  For the first time, security teams can rapidly and proactively hunt threats both live and across an entire year of endpoint activity...

Through the partnership, Tanium is offering a new service designed to assist enterprises to detect, investigate and scope advanced, long-lived attacks. The service offers integration between Tanium’s Threat Response and Chronicle, Google Cloud’s security analytics platform.

Google also announced its Tanium and Chronicle partnership. Google acquired Chronicle earlier this year and is partnering with Tanium, a leader in the endpoint security space, to provide a clearer picture of threats in the enterprise.

Think of CNAP as a pre-assembled SaaS SIEM product bundle with a modern core (Chronicle). If you use CNAP, you will get all the Chronicle coolness, but you will also get a long list of “classic” SIEM features and, in fact, some functions of a broader “cyber defense platform.”

Google is launching a commercial zero-trust remote access service that will allow companies to enable their work-from-home employees to access internal web-based applications without the need of virtual private networks (VPNs). "We've been actively working for the past few years to bring a version of BeyondCorp technology, which we pioneered many years ago, to the enterprise," Sunil Potti‎, vice president and general manager for Google Cloud

Google has made a number of security announcements at RSA 2020, including upgrades to its Chronicle Security platform and the general release of its reCAPTCHA Enterprise and Web Risk API tools.  "Cloud security is a top enterprise IT priority as organizations modernize their critical business systems both in-place and in the cloud," Sunil Potti, VP of Google Cloud security

Google today shared a bunch of security news at RSA Conference 2020, which kicks off this week in San Francisco. The company’s Google Cloud division introduced threat detection and timeline capabilities in Chronicle. Google Cloud also launched reCaptcha Enterprise and Web Risk API in general availability.

Google is turning security into a Google Cloud Platform (GCP) business line. Along with that, “Chronicle is essentially becoming a foundation for this business line,”...

Together, this integration will help security administrators quickly identify and respond to threats detected in their organization's environment by recognizing patterns in threat data and user activity over time.

Chronicle, a Google Cloud cybersecurity business, launched Backstory in March. The cloud service is a lot like Google Photos. Enterprises and organizations dump their data into silos. Then the system structures everything, stores the data in the cloud and compares it to a continuous stream of threats.

New research from Chronicle shows that as crimeware has grown over the last five years, law enforcement efforts have become increasingly ineffective -- and in some cases have produced unintended consequences.

Herjavec Group is adding a pair of Google security intelligence products its managed security services portfolio, the cybersecurity firm announced…

The Tanium-Chronicle Backstory integration empowers customers to use Tanium Threat Response to proactively stream enterprisewide telemetry data directly from endpoints to the Backstory platform.

Aiming for attribution doesn't help most organizations become more secure. It can actually have the opposite effect.

Chronicle links the malware samples to Iran's APT33 group, which previously developed the infamous Shamoon malware.

Thousands of malware samples uploaded to VirusTotal have been signed with a valid certificates from well-known certificate authorities, said researchers from Chronicle.

Under the pact, Siemens will use Chronicle's Backstory platform to provide security visibility across information and operational technology. Chronicle's platform will be combined with Siemens' cybersecurity tools for the energy industry.

Discovered by security researchers from Chronicle, Alphabet's cyber-security division, the Linux version of the Winnti malware works as a backdoor on infected hosts, granting attackers access to compromised systems.

In those cases and others, the hackers could easily have unleashed unprecedented mayhem, says Silas Cutler, a researcher at Alphabet-owned security startup Chronicle who has tracked the Barium hackers.

Shortly after the leak, researchers from Chronicle, a cybersecurity startup founded by Google owner Alphabet, went through the trove of data.  It found a small handful of targets were based outside the Middle East, …..

But now researchers at Alphabet’s Chronicle Security say they have discovered what appears to be a new version of Flame that popped up in 2014 and likely remained active until 2016.

The company spelled out the competitive market it's intending to take on, which includes the entire on-premises data security market, such as SIEMs, Hadoop, and Elasticsearch, as well as security for all the related infrastructure, including servers, networking, and storage. "We really compete with doing security intelligence on your own to try to stop cyber attacks," Alphabet said.

That’s where Siemens sees Chronicle’s Backstory – leveraging Google’s infrastructure – playing a role. “What company in the world is best positioned to apply AI and machine learning to ingest these different data streams, tag them, mix them, and begin to identify patterns,” he asked.

Backstory relies on Google’s vast infrastructure, machine learning and data analytics tools to simplify the task at lower cost, helping companies to more easily filter out the signal of imminent security threats from the noise of false alarms that accompany them.

...Backstory gives security analysts the ability to parse potential threats from the avalanche of alerts, helping them more quickly pinpoint the real vulnerabilities. In a crowded U.S. market for cybersecurity vendors, there are few existing ways for security teams to knit all of the data from their different products in a unified system.

For example, an organization that missed a breach on its network initially will be able to use Backstory to find the origins of the incident and track what played out as a result. Crucially, Backstory customers will also benefit from the discoveries Chronicle makes by looking for patterns and anomalies in the combined data set of all its clients.

...a database of attack code called VirusTotal managed by another arm of Google-parent Alphabet Inc.

What exactly had Chronicle built, and why did it need the moonshot treatment to exist?

"We can work with an average security team and turn them into a great security team..."