Cybercrime now affects billions of people globally, and the organizations responsible for protecting critical information and systems need more help to keep up. Cybersecurity needed a moonshot.
Chronicle was born in 2016 as a project within X, Alphabet’s moonshot factory. As an Alphabet company, we bring unique resources and talent to the goal of giving enterprises, and the people within them, the tools to win the fight against cybercrime.
We see a future where enterprise security teams can find and stop cyberattacks before they cause harm. By applying planet-scale computing and analytics to security operations, we provide the tools teams need to secure their networks and their customers’ data. We turn the advantage to the forces of good.
Anti-Virus
Global malware intelligence about threats in the wild. Enjoy productivity and capability improvements with VirusTotal.
Cloud Security
SOC operations are impaired by products that are ineffective in detecting and triaging modern threats and also carry a high TCO burden. Most of these products, including your legacy SIEM, were built to analyze terabytes rather than exabytes of telemetry. However, a new generation of security analytics solutions is emerging to solve exactly these problems, bringing together the scale, performance, economic model and analytical capabilities needed to protect against today's threats. Watch this webinar to hear the Google Cloud security team discuss with SANS moderator, Matt Bromiley, how the Chronicle global security analytics platform can improve your security team's ability to detect, hunt and investigate threats. Learn about YARA-L, a new specialized threat detection language for advanced t
Healthcare Cybersecurity
A US-based healthcare sector market leader was contending with constantly growing security telemetry volumes. Over the years, growth of infrastructure and new security tools had significantly expanded the aggregate log volume their SOC needed to access for investigations. Meanwhile, low-and-slow (APT) threats warranted longer retention periods with quick or hot access, but queries were already taking too long. Scaling their existing on-premises SIEM solution would imply higher license costs as well as more infrastructure to buy, deploy and manage. The deployment of a modern EDR, valuable for its rich telemetry but voluminous in its logging output, drove them to start identifying new solutions to address their security analytics challenges and needs.
Threat Intelligence
Most enterprises use a SIEM to analyze security data, to detect threats and investigate incidents. However, most leading SIEM products were created more than a decade ago, and were designed for a different world. Today, the threat landscape and IT environment look quite different: data generated in petabytes, not terabytes; a mature public cloud infrastructure; new technologies such as EDR that generate useful but massive amounts of telemetry; and threats such as fileless malware that are either ephemeral or silent and persistent. We believe a new approach is required, and Chronicle offers that with YARA-L for threat detection. It is powerful, easily understood, and designed for threat analysis, not data query.
Threat Protection
Embedded proprietary threat signals. Take advantage of our proprietary data and research with Uppercase.