Quickly respond to security incidents by integrating Chronicle threat detection and investigation with the SecOps security orchestration engine.
Chronicle, part of Google Cloud, is a security analytics platform for threat detection, investigation and hunting. With Chronicle, enterprises can ingest all their security telemetry at a fixed cost into a private cloud container and retain it for a full year. Chronicle enriches raw security events with correlated information on users, assets and threat indicators.
Using the Chronicle app, you can leverage enrichment details and seamless threat lookup directly from the SecOps interface:
- Enrich observables with data from Chronicle
- Perform threat lookup on observables
- Perform sighting search to discover which devices accessed specified observables
Provided Washington DC support
Threat Intelligence and Chronicle for Security Incident Response integration required.