Google adds prevalence visualisation, curated threat detection to Chronicle suite

Security teams will be given content hand-picked by Google experts, as well as greater context and tactic-mapping

Google Cloud has announced the general availability of new curated threat detection capabilities within its Chronicle Cloud SecOps suite.

Security teams will now be able to easily turn on curated detections from within the Chronicle console, with content built by the Google Cloud Threat Intelligence (GCTI) team. The GCTI team will continue to maintain this content as part of Google Cloud’s services.

Access will also be given to detailed contextual information from authoritative sources such as the configuration management database (CMDB), and teams will be able to speed up analysis and response times to threats through visualisation of the prevalence with which anomalous assets have been detected.

In the blog post making the announcement, Google also states that detected threats can now be natively mapped to MITRE’s ATT&CK framework to provide insight into threat actor strategy. Additionally, the company highlights the vast swathes of data that it processes every day, alongside its “billions” of users, as providing a huge data set for threat analysis.

The new detection sets were built to address a plethora of potential threats, including ransomware, remote-access tools (RAT), exfiltration of data, suspicious activity, infostealers and poor configuration. GCTI will continually add to and refine these sets, with the first release covering Windows-based threats as well as cloud-specific attacks.

Chronicle is a Google Cloud-native security information and event management (SIEM) company.

“By surfacing impactful, high-efficacy detections, Chronicle can enable analysts to spend time responding to actual threats and reduce alert fatigue,” stated.

“Our customers who used curated detections during our public preview were able to detect malicious activity and take actions to prevent threats earlier in their lifecycle. 

“And there’s more to come. We will be delivering a steady release of new detection categories covering a wide variety of threats, community-driven content, and other out-of-the-box analytics.”

In April, Google revealed a new managed security service provider (MSSP) program for Chronicle, offering MSSPs greater tools and threat detection alongside more flexible margins as a result of its licensing model.

Earlier in August, Google Cloud also announced the Cloud Analytics project, in an extension of its partnership with security company MITRE. This provides companies with pre-built queries to make cloud-specific threat hunting easier to perform, as informed by common tactics used by threat actors.

Altogether, Google Cloud has made significant steps in the past few months to consolidate its position as the leading cloud provider in terms of growth. Despite this, Amazon Web Services (AWS) and Microsoft Azure are still ahead with their customer bases, the latter having taken the lead for the first time earlier this year.
