Google Security Operations Q2, 2023 Feature Roundup

ahnna
Staff

The “Google on SecOps” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on August 8th, 2023 by Ahnna Schini and Kristen Cooper. Going forward, all Google Security Operations (formerly known as Chronicle Security Operations) blogs will be published here.

Google Security Operations’ momentum is holding strong with additional functionality to save our customers’ time and resources. We are continuing to bolster threat detection, investigation and response capabilities for cloud environments while also focussing on everyday functionality. We’ve compiled the top features released in Q2 below. 

Simplified End-to-End TDIR

Outcomes-driven security for your Google Cloud environment.

  • One-click ingestion, understanding of each cloud service log/data format, attack vectors, and more
  • Curated detections based on Google’s knowledge of cloud threats
  • Visualization of cloud threats with rich cloud and off-cloud context
  • Repeatable, automated response playbooks

See the Google Cloud blog for more details.

Manage Credentials via an External Vault

Easily prevent the unauthorized use of passwords. With the new capability to manage credentials in an external vault, customers can now store their passwords, API keys, certificates, etc. and pull them into the Google Security Operations platform via CyberArk PAM.

Multiple Environment Support

Google Security Operations now supports configuring one agent for multiple environments, so customers can easily separate different networks or business units, or different customers of an MSSP.

Exclusion Filtering for Curated Detections

Quickly and easily filter out noisy or unwanted detections from your Curated Detection results, reducing overall workload.

Interested in seeing more? Schedule a demo today to see how you can leverage these new features.
