SecOps Services in Scope by Compliance Program
Last modified: February 14, 2024
Capitalized terms have the meaning stated in the applicable agreement between Customer and Google.
A ✔ in the table below indicates that the Service (row) is in scope for the specified certification or report (column).
|
Service |
ISO 27001 Certification |
ISO 27017 Certification |
ISO 27018 Certification |
SOC 1 Report | SOC 2 Report | SOC 3 Report | PCI DSS Certification |
|
Chronicle SIEM |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
✔* |
|
Chronicle SOAR |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
|
Mandiant: |
|||||||
|
Mandiant Consulting |
✔ |
✔ |
✔ |
✔ |
|||
|
Security Validation |
✔ |
✔ |
✔ |
✔ |
|||
|
Mandiant Advantage Threat Intelligence |
✔ |
✔ |
✔ |
||||
|
Attack Surface Management |
✔ |
✔ |
✔ |
||||
|
Managed Defense |
✔ |
✔ |
✔ |
✔ |
✔ |
*Subject to specific service configuration by customer. Certain features (e.g., Chronicle Looker integration) are not included in certification.