
Google Reveals Combined SIEM and SOAR Update for Chronicle Security Operations Platform

Users of the SecOps platform can preview Duet AI’s natural language questions and summarization capabilities.

Google Cloud announced today that an updated version of its Chronicle Security Operations platform is available in preview. The update unifies security information and event management (SIEM) and security orchestration, automation and response (SOAR), plus adds an Applied Threat Intelligence tool. The preview includes the chatbot Duet AI. At the same time, a new attack surface management service for Chronicle Security Operations from Mandiant was added.

Chronicle Security Operations is a subscription service, with pricing available on request.

Google has combined SIEM and SOAR in Chronicle Security Operations to help security operations teams parse the massive amounts of data they receive. Software companies have been trying since the advent of modern big data collection to go beyond collection into effectively utilizing data. Security teams need to be able to see unified data connected in intuitive and practical ways and to know what data or alert to act on first.

In the version of Chronicle now in preview, the application automatically groups alerts into cases; each case includes related alerts and enrichment. Ideally, this will help security teams make faster decisions, Google said.

“We have advanced capabilities around threat intelligence that are highly integrated into the Chronicle platform,” said Bashar Abouseido, chief information security officer at Charles Schwab, in the Google post about the news. “We like the orchestration capabilities that enable us to enrich the data and provide additional context to it, so our SOC and analysts are able to prioritize that work and respond with the attention that is needed.”

Applied Threat Intelligence is a new capability in Chronicle Security Operations, and it is now available in preview alongside the SIEM/SOAR unification update.
It pulls threat intelligence from Google Cloud, Mandiant and VirusTotal, then applies that threat intelligence to the events listed in Chronicle Security Operations to enrich and contextualize each event. Artificial intelligence and machine learning decide how threats should be prioritized based on the specific needs of each security team.

If an event matches a known threat indicator, Applied Threat Intelligence will add the threat actor, threat campaign or malware family context. Then, security researchers can use custom searches or detections to find out more about the information Applied Threat Intelligence provides. Essentially, Google wants to use its search engine prowess to make active security events equally searchable.

Built on the Vertex AI platform, the Duet AI chatbot assistant allows security researchers to ask questions in natural language and can summarize cases and guidance (Figure A). With Duet AI, SecOps workers will be able to search Chronicle Security Operations for threats, responses and the status of cases. The Duet AI integration is now in preview.

Figure A

“Duet AI in Chronicle instantly turns natural language queries into complex searches, which helps people new to security ramp up faster and makes experts even more productive,” Eric Doerr, vice president of engineering, cloud security at Google Cloud, told TechRepublic in an email.

Starting now, Google has added Mandiant Attack Surface Management to Chronicle Security Operations. Mandiant Attack Surface Management identifies and validates exploitable entry points. Like the other Chronicle Security Operations updates, it is designed to help the SecOps team decide which risks are most impactful and therefore should be mitigated first.
Google acquired Mandiant in September 2022.

Alternatives to Chronicle Security Operations include Microsoft Sentinel, Splunk Enterprise (for data analysis and searching), IBM Security QRadar, Datadog (for SIEM), Devo Technology and Oracle Security Monitoring and Analytics from Oracle Cloud.



This post first appeared on VedVyas Articles.
