Powering Security Operations with context-aware detections, alert prioritization and risk scoring in Google Chronicle.

  • Prioritize threats with risk scoring: Making relevant context available for heuristic-driven contextual risk scoring of detections at detection execution time rather than at the human triage stage.
  • Respond to alerts faster: Reducing time spent on triage and manually stitching together information from disparate IT security systems (e.g. EDR consoles, firewall/proxy logs, CMDB and IAM context, and vulnerability scan results).
  • Enhance fidelity of alerting: Enabling analysts and detection engineers to filter out entire clusters of threats that may be expected or represent little-to-no danger to the enterprise (e.g. malware testing in a sandbox environment, vulnerabilities and anomalous activity in a development network with no sensitive data or access, and more).
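To make the three points above concrete, here is a small, added example (not Chronicle code or a YARA-L rule; written for this page) of what context-aware risk scoring looks like when it runs at detection time instead of in the analyst's head. The asset, user and detection data are constructed; the field names (`criticality`, `sensitive_data`, the `malware_sandbox` tag) are hypothetical stand-ins for what a CMDB, IAM directory and vulnerability scanner would supply through enrichment. Note the deliberate caveat: a host missing from the CMDB is scored up, not suppressed, because an unknown blast radius is itself a risk signal.

```python
"""Context-aware risk scoring of detections at execution time (added example).

Constructed data and hypothetical field names throughout; this illustrates the
idea, it is not Chronicle's scoring logic or a YARA-L rule.
"""
from dataclasses import dataclass, field

# Constructed asset context, the kind of data a CMDB / vuln scanner would supply.
ASSET_CONTEXT = {
    "fin-db-01":  {"env": "production",  "criticality": "high",   "sensitive_data": True,  "tags": set()},
    "dev-web-07": {"env": "development", "criticality": "low",    "sensitive_data": False, "tags": set()},
    "sbx-mal-03": {"env": "lab",         "criticality": "low",    "sensitive_data": False, "tags": {"malware_sandbox"}},
    "hr-ws-112":  {"env": "production",  "criticality": "medium", "sensitive_data": True,  "tags": set()},
}
# Constructed identity context, the kind of data IAM would supply.
USER_CONTEXT = {"alice": {"privileged": True}, "bob": {"privileged": False}, "svc-build": {"privileged": False}}

# Rule severity alone gives only a starting point; context moves it up or down.
BASE_SEVERITY = {"low": 10, "medium": 30, "high": 60, "critical": 85}
ALERT_THRESHOLD = 15  # below this the detection is recorded but not alerted

# Used when the host is not in the CMDB: unknown criticality, unknown data.
UNKNOWN_ASSET = {"env": "unknown", "criticality": "medium", "sensitive_data": False, "tags": set()}


@dataclass
class Detection:
    rule: str       # name of the rule that fired, e.g. "malware_exec"
    severity: str   # rule author's static severity
    host: str
    user: str


@dataclass
class ScoredDetection:
    detection: Detection
    score: int                 # 0..100 contextual risk score
    suppressed: bool           # True if it should not reach an analyst
    reasons: list = field(default_factory=list)  # audit trail of every adjustment


def score_detection(det, assets=ASSET_CONTEXT, users=USER_CONTEXT):
    """Join one detection with asset/user context and return a scored result."""
    asset = assets.get(det.host, UNKNOWN_ASSET)
    user = users.get(det.user, {"privileged": False})
    reasons = []
    score = BASE_SEVERITY.get(det.severity, 30)

    # Expected activity: malware detonating on a host tagged as a sandbox.
    if "malware_sandbox" in asset["tags"] and det.rule.startswith("malware_"):
        return ScoredDetection(det, 0, True, ["expected: malware sandbox host"])

    if asset["criticality"] == "high":
        score += 25; reasons.append("high-criticality asset")
    elif asset["criticality"] == "low":
        score -= 10; reasons.append("low-criticality asset")
    if asset["sensitive_data"]:
        score += 15; reasons.append("asset holds sensitive data")
    if asset["env"] == "development" and not asset["sensitive_data"]:
        score -= 20; reasons.append("dev network without sensitive data")
    if user["privileged"]:
        score += 20; reasons.append("privileged user")
    if asset["env"] == "unknown":
        # Caveat: never auto-suppress what you cannot place; raise it instead.
        score += 10; reasons.append("host not in CMDB: unknown blast radius")

    score = max(0, min(100, score))
    suppressed = score < ALERT_THRESHOLD
    if suppressed:
        reasons.append("below alerting threshold")
    return ScoredDetection(det, score, suppressed, reasons)


def triage_queue(detections):
    """Score every detection and return the unsuppressed ones, highest risk first."""
    scored = (score_detection(d) for d in detections)
    return sorted((s for s in scored if not s.suppressed), key=lambda s: s.score, reverse=True)


# Constructed detections as a detection engine might emit them.
SAMPLE_DETECTIONS = [
    Detection("malware_exec",     "high",   "sbx-mal-03",   "bob"),        # sandbox: expected
    Detection("anomalous_login",  "medium", "dev-web-07",   "svc-build"),  # dev, no data: drops out
    Detection("lateral_movement", "medium", "fin-db-01",    "alice"),      # prod DB + admin: top
    Detection("malware_exec",     "high",   "hr-ws-112",    "bob"),        # prod workstation with PII
    Detection("anomalous_login",  "low",    "unknown-host", "bob"),        # not in CMDB: kept visible
]

if __name__ == "__main__":
    for s in triage_queue(SAMPLE_DETECTIONS):
        print(f"{s.score:3d}  {s.detection.rule:17s} {s.detection.host:13s} {'; '.join(s.reasons)}")
```

Run as-is, it prints three alerts in priority order (the production database with a privileged user first) and silently drops the sandbox detonation and the dev-network anomaly; the `reasons` list is kept on every result so the suppression and the ranking stay explainable to whoever later questions them.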
