Introducing Chronicle Security Operations
35Welcome to Chronicle Security Operations, a cloud-native suite designed to serve as the “workbench” for security operations teams tasked with detecting, investigating and responding to cyber threats across their hybrid environment. It combines key functions such as security information and event management (SIEM), security orchestration, automation and response (SOAR) and threat intelligence from Google Cloud and VirusTotal.
Chronicle Security Operations can provide a more streamlined and integrated experience for security operations teams, including:
· Uniform look and feel across Chronicle’s SIEM and SOAR capabilities to deliver an integrated user experience
· Single display that pulls together and presents the information about an entity from multiple relevant data sources, including VirusTotal and Google Cloud Threat Intelligence, to help provide context and enable faster decision making
· Investigative pivots that enable analysts to switch between alerts and entities across Chronicle SIEM detections and Chronicle SOAR modules, which can enable faster investigations
· Integrated alert management between Chronicle SIEM detections and Chronicle SOAR threat-centered case management, for a more streamlined investigation experience
· Pre-packaged response playbooks to Google Cloud-based alerts surfaced by Security Command Center, which can speed up resolutions and reduce manual effort
Learn more → https://chronicle.security/