The following diagram illustrates how your security data flows into
Google SecOps and how the system processes that data for analysis in
the interface.
Process customer security data in Google SecOps
Google SecOps processes your security data as follows:
Retrieves security data from cloud services like Amazon S3 or the
Google Cloud. Google SecOps encrypts this data in transit.
Separates and stores your encrypted security data in your account. Access is
limited to you and a small number of Google personnel for product support, development, and maintenance.
Parses and validates raw security data, making it easier to process and view.
Indexes the data for quick searches.
Stores the parsed and indexed data within your account.
Offers secure access for users to search and review their security data.
Compares your security data with the VirusTotal malware database to identify
matches. In a Google SecOps event view, such as the Asset view,
click VT Context to see VirusTotal information.
Google SecOps doesn't share your security data with
VirusTotal.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-20 UTC."],[[["\u003cp\u003eGoogle Security Operations retrieves security data from cloud services like Amazon S3 or Google Cloud, ensuring it is encrypted during transit.\u003c/p\u003e\n"],["\u003cp\u003eThe service segregates and stores customer security data within their accounts in an encrypted format, accessible only to the customer and authorized Google personnel.\u003c/p\u003e\n"],["\u003cp\u003eRaw security data is parsed, validated, and indexed to enhance processing and search capabilities within Google Security Operations.\u003c/p\u003e\n"],["\u003cp\u003eGoogle Security Operations checks security data against the VirusTotal malware database to enrich data analysis without sharing the customer's security data with VirusTotal.\u003c/p\u003e\n"]]],[],null,[]]