Tag: Chronicle

Chronicle Gemini LLM July 14, 2025

Implementing Custom AI Investigators in Vertex AI for Google SecOps - This article details how to leverage Gemini AI models within Google Cloud's Vertex AI and SecOps platform to automate alert triage.

Chronicle Gemini Oct. 28, 2024

Creating an Entity Explorer Widget in Chronicle SOAR with Gemini Code Assist - In this post, I explore using Gemini Code Assist to create a custom Entity Explorer Action and HTML widget in Chronicle SOAR.

Chronicle Aug. 26, 2024

Windows Active Directory data collection with the new SecOps Collection Agent - The new SecOps Collection Agent, built on the OpenTelemetry Collector, revolutionizes log collection and management for Google Cloud SecOps. It enables seamless integration with a wide range of observability tools, empowering customers with exceptional capabilities.

Chronicle Official Blog Jan. 29, 2024

IDC study: Customers cite 407% ROI with Chronicle Security Operations

BigQuery Chronicle Dec. 18, 2023

The curious case of the Rule that started working… - Yes, you read that right. Why did a long dormant rule suddenly spring back to life in Chronicle SIEM?

BigQuery Chronicle Security Dec. 11, 2023

Utilizing BigQuery to Analyze Exported Chronicle SIEM Archives - This post explores how to use the Data Export API, and effectively query exported raw logs using SQL statements in GCP BigQuery.

Chronicle Official Blog Sept. 25, 2023

Introducing the unified Chronicle Security Operations platform - Chronicle’s latest update unifies our SOAR and SIEM solutions, integrates Mandiant’s attack surface management technology, and offers more robust application of threat intelligence.

Chronicle Official Blog Security Sept. 4, 2023

Introducing Mandiant Hunt for Chronicle to help you uncover hidden threats in real-time - Announced today at Next ‘23, Mandiant Hunt integrates frontline intelligence and expertise into Chronicle Security Operations to search for undetected attacks.

Chronicle Official Blog Aug. 14, 2023

Chronicle CyberShield - Google Cloud’s Approach to Strengthen Nation-wide Cyber Defense - Chronicle CyberShield can provide governments agencies with a platform that integrates threat intelligence, detection, and response.

Chronicle Security Aug. 7, 2023

Why you should integrate Chronicle SIEM with your GCP environment - This post explores several powerful features you can use with Chronicle SIEM when you link your tenant to a GCP Project.

Chronicle Official Blog June 19, 2023

Introducing simplified end-to-end TDIR for Chronicle - Chronicle Security Operations now provides turnkey TDIR for Google Cloud, to collect and analyze data, detect and investigate threats, and automate responses to mitigate risks.

Chronicle Official Blog May 1, 2023

Introducing AI-powered investigation in Chronicle Security Operations - Chronicle customers will be able to search security events and interact conversationally with the results, all without learning a new syntax or schema.

Chronicle Official Blog Security April 24, 2023

How Chronicle can help advance security product development and overcome data lake challenges

Chronicle Official Blog April 3, 2023

How to optimize SLA execution with Chronicle SOAR - As SLA adoption grows, so will the need for security tools that make meeting SLAs more about quality than speed. Enter: Chronicle SOAR.

BigQuery Chronicle Looker March 13, 2023

Monitoring Detection Rule Latency in Chronicle SIEM - This post covers how you can monitor Detection Rule latency in Chronicle SIEM, and common causes of late arriving Detections.

Chronicle Cloud Monitoring Feb. 27, 2023

Chronicle Forwarder Telemetry via Google Cloud Monitoring - Ever wanted an alert when a Log Source in your Chronicle SIEM goes silent? The new GCP Operations preview does exactly that.

Chronicle Jan. 30, 2023

Working with Repeated Fields in Chronicle SIEM - Exploring Repeated fields, a field type within Chronicle SIEM’s UDM schema that can store multiple values in a single key.

BigQuery Chronicle Security Jan. 9, 2023

Finding stale user accounts using Chronicle Data Lake - Reporting accounts that are active, but no one has logged into recently using Chronicle SIEM.

Chronicle Dec. 26, 2022

The Chronicle CLI - Chronicle SIEM recently released the Chronicle CLI onto GitHub. In this post I’ll explore what it is, and how to start using it.

Chronicle Nov. 27, 2022

Identifying Late Arriving Log Sources - Identify sources of ‘late arriving’ data in your Chronicle SIEM.

Chronicle Official Blog Security Nov. 21, 2022

Introducing new, faster search and investigative experience in Chronicle Security Operations - New features for Chronicle can enable security teams to more rapidly hunt, investigate, and respond to threats.

Chronicle Official Blog Security Oct. 17, 2022

Introducing Chronicle Security Operations: Detect, investigate, and respond to cyberthreats with the speed, scale, and intelligence of Google - We are excited to unveil Chronicle Security Operations, a modern, cloud-native suite that can better enables cybersecurity teams to detect, investigate, and respond to threats.

Chronicle Official Blog Aug. 22, 2022

Announcing curated detections in Chronicle SecOps Suite - Curated detections for Chronicle enables security teams to use Google’s intelligence and expertise in responding to threats and cyberattacks.