SecOps Services Summary
Last modified: February 14, 2024
The complete list of services that form SecOps Services is shown below. While Google offers many other services and APIs, only the services below are covered under the agreement pursuant to which Google has agreed to provide SecOps Services (the “Agreement”), service level agreements (if applicable), and support offerings. Offerings identified below as Software or Premium Software are not Services under the Agreement.
Chronicle SIEM: Chronicle SIEM, a cloud native security information and event management (SIEM) solution, enables customers to collect and analyze security telemetry from across their enterprise to power detection, investigation, and remediation of threats. As part of the service, Chronicle SIEM normalizes, correlates, and enriches security data to provide analysis and context on suspicious activity.
Chronicle SIEM includes Google Cloud Threat Intelligence, which is an aggregate threat intelligence service for Chronicle SIEM customers that leverages Google threat intelligence to surface threats in their cloud and on-premise environments. It is supported by Google threat analysts who verify malicious indicators in security telemetry and surface contextualized alerts to customers, allowing them to make an informed response.
Chronicle SOAR: Chronicle SOAR, a cloud native security, orchestration, automation and response (SOAR) solution, empowers security teams to respond to cyber threats in minutes. Chronicle SOAR fuses a unique threat-centric approach, powerful yet simple playbook automation, and context-rich investigation to free up valuable time and enable security team members to be informed, productive and effective.
Mandiant Solutions: Mandiant software and cloud solutions help security teams evaluate the effectiveness of their security tools and stay ahead of sophisticated threat actors. Mandiant Solutions are in part made available through the Mandiant Advantage Platform, a multi-vendor XDR platform that delivers transformative expertise and frontline intelligence to security teams.
Mandiant Solutions include:
Mandiant Security Validation enables an organization’s security team to build a continuous and automated validation program that tests the security effectiveness of network, endpoint, email and cloud controls, teams and processes.
Mandiant Attack Surface Management helps organizations discover and analyze their internet assets across today’s dynamic, distributed, and shared environments. This service generates comprehensive visibility of the extended enterprise through continuous discovery that illuminates assets, alerts on risk and enables cyber security teams to inventory their assets and investigate any discovered exposures.
Mandiant Advantage Threat Intelligence gives security professionals critical insights into the latest relevant threats so that they can be better prepared to guard against sophisticated attacks.
Mandiant Digital Threat Monitoring gives security professionals visibility into external threats to their organization on the open, deep and dark web.
Mandiant Managed Services: Mandiant managed detection and response services act as a seamless extension of customers' security teams, delivering continuous monitoring, event triage and threat hunting that is agnostic to customers' endpoint and network tooling. Mandiant Managed Services includes, for example, Managed Hunt for Chronicle.
Mandiant Consulting Services: Mandiant Consulting offers proven global expertise in providing comprehensive incident response, strategic readiness and technical assurance to help customers mitigate threats and reduce business risk before, during and after an incident.