News, news analysis, and commentary on the latest trends in cybersecurity technology.
The curated detection feature for Chronicle SecOps Suite provides security teams with actionable insights on cloud threats and Windows-based attacks from Google Cloud Threat Intelligence Team.
Organizations are increasingly relying on threat intelligence data to understand the sheer volume and complexity of security threats. On that note, Google Cloud has announced the general availability of the "curated detection" capability for its Chronicle security analysis platform to give organizations insights into the latest security threats.
The new feature, as part of the Chronicle SecOps Suite, pipes Google’s own threat intelligence data into an automated detection service that provides security teams with up-to-date insights on cloud threats -- such as attacks against cloud systems, attempts to exfiltrate data, and misconfigured systems -- and Windows-based attacks -- such as ransomware, remote-access tools, information stealers, data exfiltration, suspicious activity, and misconfigurations.
The service provides security teams with “high quality, actionable, out-of-the-box threat detection content curated, built, and maintained by the Google Cloud Threat Intelligence team," said Benjamin Chang, a Google Cloud software engineer. "By surfacing impactful, high-efficacy detections, Chronicle can enable analysts to spend time responding to actual threats and reduce alert fatigue."
The information from the detection service can be integrated with authoritative data sources, such as from the organization’s identity access management (IAM) systems and configuration management databases, to give security teams more context. Customers who used curated detections during public preview were able to detect malicious activity and take actions to prevent threats earlier in their life cycle, Chang said.
Microsoft provides similar capabilities via Microsoft Sentinel. Security teams are understaffed and overstressed, trying to keep up with an evolving threat landscape and managing the growing volume of alerts. Through these partnerships security teams have a shot at quickly identifying, investigating, and responding to threats.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024