Google Chronicle Introduces Threat Detection Solution
Google Chronicle has launched Chronicle Detect, a threat detection solution built on Google Cloud Platform (GCP) infrastructure.
Security teams can use Chronicle Detect to send security telemetry to Chronicle at a fixed cost and map it to a common data model across machines, end users and threat indicators, according to a prepared statement. In doing so, they can apply threat detection rules to a unified set of data.
In addition, Chronicle Detect allows security teams to use advanced threat detection rules out of the box, build their own rules or migrate rules over from legacy tools, Google said. Security teams can access Chronicle Detect threat detection rules and threat indicators from the Uppercase threat research team, use the YARA-L language to edit and build detection rules in the Chronicle interface and use a Sigma-YARA converter to transfer their rules to and from Chronicle.
Along with Chronicle Detect, Google has announced new global availability and data localization options, including data center support for capabilities in Europe and the Asia Pacific region. Google also plans to build out Chronicle integrations to help organizations uncover threats on-premises and in Google Cloud and other cloud environments.
A Closer Look at Chronicle
Chronicle offers a security analytics platform that allows security teams to extract signals from security telemetry, the company indicated. The platform provides an elastic container for storing security telemetry and enables security teams to use proprietary data sources, public intelligence feeds and other information to identify and assess threats.
Chronicle has gained mention with some managed security services providers (MSSPs) and technology partners.
Google Cloud absorbed Chronicle in 2019 and continues to explore partnerships with MSSPs, cyber consulting companies and managed detection and response (MDR) providers.