[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-08-21。"],[],[],null,["| Enterprise [service tier](/security-command-center/docs/service-tiers)\n\nThe Enterprise tier of Security Command Center lets you apply curated detection rules,\ndetect threats on other cloud platforms, and use cases to manage your\ninvestigations.\n\nThe curated rules enable you to identify patterns in Google Cloud, AWS, and Azure data.\nThese features extend Security Command Center Enterprise threat detection to let you\nidentify more threat patterns in additional cloud environments.\n\nFor general information about how to use curated detections, see\n[Getting started with curated detections](/chronicle/docs/detection/use-curated-detections).\n\nCurated detections for AWS data\n\nSee [Overview of Cloud Threats Category](/chronicle/docs/detection/cloud-threats-category)\nfor information about available curated detections for AWS data and the required data for each rule set.\nFor information about how to ingest data required by these rule sets, see the following:\n\n- [Ingest AWS data](/chronicle/docs/ingestion/ingest-aws-logs-into-chronicle)\n- Google Cloud data: You configured the Google Cloud data ingestion during the [Security Command Center Enterprise tier activation process](/security-command-center/docs/activate-enterprise-tier). To change the configuration of Google Cloud data ingestion, see [Ingest Google Cloud data](/chronicle/docs/ingestion/cloud/ingest-gcp-logs).\n\nCurated detections for Microsoft Azure data\n| **Preview**\n|\n|\n| This product or feature is subject to the \"Pre-GA Offerings Terms\" in the General Service Terms section\n| of the [Service Specific Terms](/terms/service-terms#1).\n|\n| Pre-GA products and features are available \"as is\" and might have limited support.\n|\n| For more information, see the\n| [launch stage descriptions](/products#product-launch-stages).\n\nSee [Curated detections for Microsoft Azure and Microsoft Entra ID data](/chronicle/docs/detection/cloud-threats-category#azure-curated-detections)\nfor information about available rule sets and the required Azure data.\n\nFor information about how to ingest Azure and Microsoft Entra ID data required by these rule sets, see the following:\n\n- [Supported devices and required log types](/chronicle/docs/detection/cloud-threats-category#azure-supported-devices).\n- [Ingest Azure and Microsoft Entra ID data](/chronicle/docs/detection/cloud-threats-category#ingest-azure).\n\nWhat's next\n\n- If you purchased Mandiant Threat Defense as an add-on to Security Command Center Enterprise tier,\n Mandiant will provision access to the Mandiant documentation\n portal where you can find onboarding steps in the\n [Getting Started Guide for Mandiant Threat Defense for Google Security Operations](https://docs.mandiant.com/mh-hunt-getting-started).\n If you have not purchased Mandiant Threat Defense and are interested in learning more\n about this offering, see [Mandiant Threat Defense](/security/products/mandiant-managed-threat-hunting)\n or contact your account team.\n\n- If you are working with AWS data, do the following:\n\n - Review the rule sets for AWS data in the [Cloud Threats category](/chronicle/docs/detection/cloud-threats-category).\n - [Ingest AWS data](/chronicle/docs/ingestion/ingest-aws-logs-into-chronicle) to the Google Security Operations component.\n- If you are working with Microsoft Azure and Microsoft Entra ID data, do the following:\n\n - Review the [Curated detections for Azure data](/chronicle/docs/detection/cloud-threats-category#azure-curated-detections).\n - Ingest [Azure and Microsoft Entra ID data](/chronicle/docs/detection/cloud-threats-category#ingest-azure) to the Google Security Operations component."]]
