Put planetary-scale threat intelligence to work
Uncover more indicators of compromise, detect more threats, and integrate Google’s unparalleled threat intelligence into your security operations workflows.
Chrome browsers with safe browsing
Gmail inboxes protected from phishing
files and URLs analyzed by VirusTotal
Explore Threat Intelligence
Powerful Google Cloud Threat Intelligence (GCTI)
Drive better detections with high quality, actionable, out-of-the-box threat detection content curated, built, and maintained by Google Cloud Threat Intelligence researchers.
Native detection sets cover a variety of threats across vectors, including Windows-based attacks like ransomware, remote-access tools (RAT), infostealers, data exfiltration, and suspicious activity.
Unlock new detection coverage with new analytics regularly built by Google Cloud Threat Intelligence researchers uncovering new and latent attacks.
Use GCTI detections to build response actions and write rules customized to your environment.
Contextual VirusTotal integration
Conduct more effective investigations with insights at your fingertips from VirusTotal Enterprise, the world’s largest threat observatory.
Save time and make better decisions with automated alert enrichment and instant insight into malicious files and URLs.
Leverage the VirusTotal Augment widget to drive efficiencies in SOC processes, and enable faster search for artifacts like domains, IPs, URLs or hashes.
Gain context beyond your network perimeter, expand your telemetry and explore related VirusTotal IoCs in a graphical manner.
Open threat-intelligence platform
Integrate your own threat intelligence feeds with Chronicle’s context-aware detections for increased alert fidelity and richer investigations.
Leverage API to programmatically access security data on the Chronicle. Customize threat intelligence consumption tailored to your environment.
Map detection coverage to the MITRE ATT&CK framework to better understand adversary tactics and techniques and uncover potential gaps in defenses.
Ingest third party intelligence feeds and drive additional coverage to attacks. Correlate easily and effectively with Chronicle driven context.
New Ingestion Metrics, New YARA-L Functions, and New VirusTotal Widget Integrations
Get actionable threat intelligence to ensure your cloud environments are best protected against ever evolving threats.
In this episode of “Fastest Two Minutes in SecOps,” Google Cloud Principal Security Strategist John Stoner introduces you to the benefits of hunting, and also offers words of caution for teams who may rush into the practice before other competencies of their detection and response are sufficiently built out.
Want world-class threat intelligence?
Learn more about Threat Intelligence.Visit the contact us page