Google Cloud has announced Google Chronicle Security Operations, a software suite designed to help cybersecurity teams detect, investigate and respond to threats. The company unveiled Chronicle Security Operations at its Google Cloud Next '22 virtual conference.

Chronicle Security Operations combines Chronicle's security information and event management (SIEM) technology with the security orchestration, automation and response (SOAR) solutions from Siemplify (which Google Cloud acquired in January 2022) and threat intelligence from Google Cloud, according to a prepared statement.

A Closer Look Chronicle Security Operations

Key features of Chronicle Security Operations include:

  • Single display that shows security data from multiple sources
  • Pre-packaged response playbooks for Google Cloud-based alerts
  • Investigative pivots that allow security analysts to switch between alerts and entities across Chronicle SIEM detections and Chronicle SOAR modules

Chronicle Security Operations is now available in preview mode. Also, Chronicle Security Operations will utilize Mandiant incident and exposure management and threat intelligence capabilities in the future. Google Cloud completed its acquisition of Mandiant in September 2022.

Google Cloud Revamps Its Security Operations

Along with introducing Chronicle Security Operations, Google Cloud has announced the following changes across its security operations:

  • All security operations software falling under the Chronicle brand
  • The Siemplify brand replaced with Chronicle SOAR
  • The security analytics capabilities of Chronicle Security Operations referred to as Chronicle SIEM

In addition to acquiring Mandiant and Siemplify, Google Cloud has made several moves to extend its cybersecurity market reach in 2022, including:

Google Cloud looks poised to make additional moves in the cybersecurity market. It also continues to explore cybersecurity partnerships.