SecOps Services in Scope by Compliance Program
Capitalized terms have the meaning stated in the applicable agreement between Customer and Google.
A ✔ in the table below indicates that the Service (row) is in scope for the specified certification or report (column).
Service |
ISO 27001 Certification |
ISO 27017 Certification |
ISO 27018 Certification |
SOC 1 Report | SOC 2 Report | SOC 3 Report | PCI DSS Certification |
Chronicle SIEM |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
✔* |
Chronicle SOAR |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
Mandiant Consulting Services |
✔ |
✔ |
✔ |
✔ |
✔ |
||
Mandiant Security Validation |
✔ |
✔ |
✔ |
✔ |
✔ |
||
Mandiant Advantage Threat Intelligence |
✔ |
✔ |
✔ |
✔ |
✔ |
||
Mandiant Attack Surface Management |
✔ |
✔ |
✔ |
✔ |
✔ |
||
Mandiant Managed Defense |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
*Subject to specific service configuration by customer. Certain features (e.g., Chronicle Looker integration) are not included in certification.