26 July 2024

Cyberthreat detection and response for the future


As detection, investigation and response to cybersecurity threats become increasingly challenging, a modern, cloud-native security operations suite is more vital than ever, argues Chris Corde from Google Cloud

Staying ahead of rising security threats and incidents is among the most vital discussions any organisation can have, yet too many alerts and shifting threat trends make security operations notoriously difficult. The recent mass pivot to remote and hybrid work, coupled with increasingly sophisticated threat actors, makes threat detection more challenging, more data-intensive, and more important than ever before.

The reality is that organisations are constantly under attack, business is changing rapidly, and technology continues to evolve. Past cyberthreat detection and response methods cannot rise to the challenge. SecOps teams need a different approach: a modern take on cyberthreat detection and response.

This is why we recently unveiled Chronicle Security Operations, a modern, cloud-born software suite that can better enable cybersecurity teams to detect, investigate, and respond to threats with the speed, scale, and intelligence of Google. It’s another step in our commitment to democratising security operations and providing better security outcomes for organisations of all sizes and levels of maturity.

Unifying security capabilities

Chronicle Security Operations brings together the capabilities that many security teams depend on to identify threats more quickly and respond to them rapidly. It unifies Chronicle’s security information and event management (SIEM) technology with the security orchestration, automation, and response (SOAR) solutions and threat intelligence from Google Cloud. The recently completed Mandiant acquisition will add further incident and exposure management and threat intelligence capabilities in the future.

Chronicle Security Operations can provide a more streamlined and integrated experience for security operations teams, including:

● Uniform look and feel across Chronicle’s SIEM and SOAR capabilities to deliver an integrated user experience.

● Single display that pulls together and presents the information about an entity from multiple relevant data sources, including VirusTotal and Google Cloud Threat Intelligence, to help provide context and enable faster decision making.

● Investigative pivots that enable analysts to switch between alerts and entities across Chronicle SIEM detections and Chronicle SOAR modules, which can enable faster investigations.

● Integrated alert management between Chronicle SIEM detections and Chronicle SOAR threat-centred case management, for a more streamlined investigation experience.

● Pre-packaged response playbooks to Google Cloud-based alerts surfaced by Security Command Center, which can speed up resolutions and reduce manual effort.

ABOUT THE AUTHOR

Chris Corde is Director of Product Management, Threat Detection & Response at Google Cloud.

Further information

www.chronicle.security
