Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
Chronicle Return to the Chronicle homepage
Security Operations Suite arrow_forward expand_more
Security Operations Suite

Explore the Security Operations Suite for the modern SOC.

Security Operations Suite
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
SIEM Eliminate security blindspots and fight threats with the speed and scale of Google.
SOAR Orchestrate, automate, and collaborate with ease to respond to threats in minutes, not days.
Threat intelligence Stay ahead of adversaries with Google’s unparalleled threat intelligence.
Marketplace Explore pre-packaged use cases and hundreds of integrations.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Overview Level up your security team’s performance with four powerful solutions.
SecOps transformation Accelerate business transformation and maximize threat coverage.
SIEM augmentation Eliminate security blindspots and expand automation.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Events Find out where you can interact with us or learn more live.
News Read what the media are saying about Chronicle.
Community Join security pros sharing SecOps content and best practices
Contact us Visit the contact us page
Chronicle Return to the Chronicle homepage
Security Operations Suite arrow_forward expand_more
Security Operations Suite

Explore the Security Operations Suite for the modern SOC.

Security Operations Suite
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
SIEM Eliminate security blindspots and fight threats with the speed and scale of Google.
SOAR Orchestrate, automate, and collaborate with ease to respond to threats in minutes, not days.
Threat intelligence Stay ahead of adversaries with Google’s unparalleled threat intelligence.
Marketplace Explore pre-packaged use cases and hundreds of integrations.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Overview Level up your security team’s performance with four powerful solutions.
SecOps transformation Accelerate business transformation and maximize threat coverage.
SIEM augmentation Eliminate security blindspots and expand automation.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Events Find out where you can interact with us or learn more live.
News Read what the media are saying about Chronicle.
Community Join security pros sharing SecOps content and best practices
Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
Mandiant is now part of Google Cloud. Learn More Mandiant is now part of Google Cloud. .

Threat Intelligence

Put planetary-scale threat intelligence to work

Uncover more indicators of compromise, detect more threats, and integrate Google’s unparalleled threat intelligence into your security operations workflows.

4B

Chrome browsers with safe browsing

2.5B

Gmail inboxes protected from phishing

6B

files and URLs analyzed by VirusTotal

Explore Threat Intelligence

Native Integration

Powerful Google Cloud Threat Intelligence (GCTI)

Drive better detections with high quality, actionable, out-of-the-box threat detection content curated, built, and maintained by Google Cloud Threat Intelligence researchers.
Detection coverage across various vectors of attack

Native detection sets cover a variety of threats across vectors, including Windows-based attacks like ransomware, remote-access tools (RAT), infostealers, data exfiltration, and suspicious activity.

Ongoing curation of detections built to detect latest threats

Unlock new detection coverage with new analytics regularly built by Google Cloud Threat Intelligence researchers uncovering new and latent attacks.

Powerful detection authoring platform to use new analytics

Use GCTI detections to build response actions and write rules customized to your environment.

VirusTotal Integration

Contextual VirusTotal integration

Conduct more effective investigations with insights at your fingertips from VirusTotal Enterprise, the world’s largest threat observatory.

Accelerate context-driven investigation and threat hunting

Save time and make better decisions with automated alert enrichment and instant insight into malicious files and URLs.

Seamless VirusTotal widget integration

Leverage the VirusTotal Augment widget to drive efficiencies in SOC processes, and enable faster search for artifacts like domains, IPs, URLs or hashes.

Map out attacker infrastructure, toolkits and modus operandi

Gain context beyond your network perimeter, expand your telemetry and explore related VirusTotal IoCs in a graphical manner.

Integration

Open threat-intelligence platform

Integrate your own threat intelligence feeds with Chronicle’s context-aware detections for increased alert fidelity and richer investigations.
API-driven open platform

Leverage API to programmatically access security data on the Chronicle. Customize threat intelligence consumption tailored to your environment.

Understand MITRE ATT&CK coverage

Map detection coverage to the MITRE ATT&CK framework to better understand adversary tactics and techniques and uncover potential gaps in defenses.

Integrate third party intelligence sources

Ingest third party intelligence feeds and drive additional coverage to attacks. Correlate easily and effectively with Chronicle driven context.
Related resources
SECURITY ANALYST DIARIES
Security Analyst Diaries: Episode 3

New Ingestion Metrics, New YARA-L Functions, and New VirusTotal Widget Integrations

Watch and listen to episode three
REPORTS
Cloud Threat Intelligence: Threat Horizons Report

Get actionable threat intelligence to ensure your cloud environments are best protected against ever evolving threats.

Download the Threat Horizons Report
BLOG
Fastest Two Minutes in SecOps: Threat hunting [Part 1] [Video]

In this episode of “Fastest Two Minutes in SecOps,” Google Cloud Principal Security Strategist John Stoner introduces you to the benefits of hunting, and also offers words of caution for teams who may rush into the practice before other competencies of their detection and response are sufficiently built out.

Read the blog post
See more resources Visit the Knowledge Hub page

Want world-class threat intelligence?

Learn more about Threat Intelligence.

Contact us Visit the contact us page