The following diagram illustrates how your security data can flow into
Google Security Operations and how Google Security Operations handles that data and prepares it
for analysis using the Google Security Operations user interface.
Flow and processing of customer security data to Google Security Operations
Google Security Operations processes customer security data as follows:
Google Security Operations retrieves security data stored in a cloud service (such
as Amazon S3 or Google Cloud). The data is encrypted while in transit
to Google Security Operations.
Google Security Operations logically segregates and stores your security data into
your account in an encrypted form. Data is accessed by the customer only, plus
a limited number of Google personnel as necessary to support, develop, and
maintain the product.
Google Security Operations parses and validates the raw security data, making data
easier to process and display.
Google Security Operations indexes the data to make it easier to search.
Google Security Operations stores parsed and indexed data in an encrypted form within
each account.
You log in to your account to search and review your security data.
Google Security Operations searches for matches between your security data and the
VirusTotal malware database. In a Google Security Operations event view, such as Asset
view, click VT Context
to display information from VirusTotal. Your security data is never shared with
VirusTotal.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-13 UTC."],[[["Google Security Operations retrieves security data from cloud services like Amazon S3 or Google Cloud, ensuring it is encrypted during transit."],["The service segregates and stores customer security data within their accounts in an encrypted format, accessible only to the customer and authorized Google personnel."],["Raw security data is parsed, validated, and indexed to enhance processing and search capabilities within Google Security Operations."],["Google Security Operations checks security data against the VirusTotal malware database to enrich data analysis without sharing the customer's security data with VirusTotal."]]],[]]
