4:50 PM, February 1, 2023

Cyberthreat detection and response for the future

The European | 9 January 2023

As detecting, investigating and responding to cybersecurity threats becomes increasingly challenging, a modern, cloud-native security operations suite is more vital than ever, argues Chris Corde from Google Cloud

Staying ahead of rising security threats and incidents is among the most vital discussions any organisation can have, yet too many alerts and shifting threat trends make security operations notoriously difficult. The recent mass pivot to remote and hybrid work, coupled with increasingly sophisticated threat actors, makes threat detection more challenging, more data-intensive, and more important than ever before.

The reality is that organisations are constantly under attack, business is changing rapidly, and technology continues to evolve. And past cyberthreat detection and response methods can’t rise to the challenge. SecOps teams need a different approach: a modern take on cyberthreat detection and response.

This is why we recently unveiled Chronicle Security Operations, a modern, cloud-born software suite that can better enable cybersecurity teams to detect, investigate, and respond to threats with the speed, scale, and intelligence of Google. It’s another step in our commitment to democratising security operations and providing better security outcomes for organisations of all sizes and levels of maturity.

Unifying security capabilities

Chronicle Security Operations brings together the capabilities that many security teams depend on to identify threats more quickly and respond to them rapidly. It unifies Chronicle’s security information and event management (SIEM) technology with the security orchestration, automation, and response (SOAR) solutions and threat intelligence from Google Cloud. The recently completed Mandiant acquisition will add even more incident and exposure management and threat intelligence capabilities in the future.

Chronicle Security Operations can provide a more streamlined and integrated experience for security operations teams, including:

● Uniform look and feel across Chronicle’s SIEM and SOAR capabilities to deliver an integrated user experience.

● Single display that pulls together and presents the information about an entity from multiple relevant data sources, including VirusTotal and Google Cloud Threat Intelligence, to help provide context and enable faster decision making.

● Investigative pivots that enable analysts to switch between alerts and entities across Chronicle SIEM detections and Chronicle SOAR modules, which can enable faster investigations.

● Integrated alert management between Chronicle SIEM detections and Chronicle SOAR threat-centred case management, for a more streamlined investigation experience.

● Pre-packaged response playbooks to Google Cloud-based alerts surfaced by Security Command Center, which can speed up resolutions and reduce manual effort.

ABOUT THE AUTHOR

Chris Corde is Director of Product Management, Threat Detection & Response at Google Cloud.

Further information

www.chronicle.security
