Say buh-bye to legacy SIEMs and see what Chronicle Security Operations has to offer.

Chronicle Security Operations

The modern, AI-powered security operations platform

Chronicle is a modern, cloud-native SecOps platform that empowers security teams to better defend against today’s and tomorrow’s threats.

Features

Detect threats with confidence

Leverage Google curated detections to find the latest threats and map them to MITRE ATT&CK.

Simplify detection authoring with YARA-L to build custom content.

Leverage intelligence from Google, Mandiant, and VirusTotal to automatically uncover potential threats.

Get early warning signals of potential active breaches based on Mandiant’s frontline intelligence.

Identify potentially exploitable entry points accessible to attackers and prioritize remediation with attack surface management integration.

Investigate with insights at your fingertips

Analyze real-time activity with investigation views, visualizations, threat intel insights, and user aliasing.

Investigate with full context at your fingertips, including anomalous assets, domain prevalence, and more.

“Google search” petabytes of data at lightning speed.

Manage, prioritize, and assign work with unique threat-centric case management.

Seamlessly pivot between cases, alerts, entities, and detections with a unified experience across the entire TDIR workflow.

Respond with speed and precision

Drive consistency in your response and automate repetitive tasks with a full-featured, intuitive playbook builder and 300+ integrations.

Easily collaborate on every case with fellow analysts, service providers, and other stakeholders.

Respond to incidents with stakeholders inside and outside the SOC (legal, PR, HR) in a secure “war-room.”

Supercharge productivity with Duet AI

Use natural language to search your data, iterate, and drill down. Duet AI generates underlying queries and presents full mapped syntax.  

Investigate more efficiently with AI-generated summaries of what’s happening in cases, along with recommendations on how to respond.

[UPCOMING] Interact with Chronicle using a context-aware AI-powered chat, including the ability to create detections and playbooks.

Augment your team with expert help

Partner with Mandiant elite threat hunters, leveraging advanced techniques, to hunt for hidden attackers seamlessly using your Chronicle data.

Get complete visibility and actionable insights into what our expert hunters looked for, how and where they looked, and what they found—mapped to the MITRE ATT&CK® framework.

How It Works

Chronicle offers a unified experience across SIEM, SOAR, and Threat Intelligence to drive better detection, investigation, and response. Collect security telemetry data, apply threat intel to identify high priority threats, drive response with playbook automation, case management, and collaboration.

Common Uses

SOC modernization

SIEM augmentation

Cloud detection and response

Pricing

How Chronicle Security Operations pricing works

Chronicle is available in packages and based on ingestion. Includes 1 year of security telemetry retention at no additional cost. 

Contact sales for pricing

Business Case

Explore how organizations like yours cut costs, increase ROI, and drive innovation with Chronicle Security Operations

"With Chronicle we are analyzing 22x more data with no additional resources"

Mike Orosz, Chief Information Security Officer at Vertiv

Chronicle enables Vertiv to detect more threats and reduce response times

"With Chronicle we don’t have to compromise on the amount of data and different log sources we bring into the SIEM and this is something that we were never able to do before, so it is amazing." - Antonia Nisioti, Head of SOC, Secrutiny

“We have advanced capabilities around threat intelligence that are highly integrated into the Chronicle platform. We like the orchestration capabilities that enable us to enrich the data and provide additional context to it, so our SOC and analysts are able to prioritize that work and respond with the attention that is needed.” - Bashar Abouseido, CISO, Charles Schwab

"We think Google made a strategic decision in the way that they built the platform [Chronicle Security Operations] many years ago. Not only is it highly robust and has millisecond search capability across vast amounts of data, but it gives you an unlimited amount of storage compared to the other platforms." - Robert Herjavec, CEO, Cyderes
