SecOps Services Summary
Last modified: May 23, 2024
The complete list of services that form SecOps Services is shown below. While Google offers many other services and APIs, only the services below are covered under the agreement pursuant to which Google has agreed to provide SecOps Services (the “Agreement”), service level agreements (if applicable), and support offerings. Offerings identified below as Software or Premium Software are not Services under the Agreement.
Chronicle Security Operations: Chronicle Security Operations includes the following two Services:
Chronicle SIEM, a cloud native security information and event management (SIEM) solution, enables customers to collect and analyze security telemetry from across their enterprise to power detection, investigation, and remediation of threats. As part of the service, Chronicle SIEM normalizes, correlates, and enriches security data to provide analysis and context on suspicious activity.
Chronicle SIEM includes Google Cloud Threat Intelligence, which is an aggregate threat intelligence service for Chronicle SIEM customers that leverages Google threat intelligence to surface threats in their cloud and on-premise environments. It is supported by Google threat analysts who verify malicious indicators in security telemetry and surface contextualized alerts to customers, allowing them to make an informed response.
Chronicle SOAR, a cloud native security, orchestration, automation and response (SOAR) solution, empowers security teams to respond to cyber threats in minutes. Chronicle SOAR fuses a unique threat-centric approach, powerful yet simple playbook automation, and context-rich investigation to free up valuable time and enable security team members to be informed, productive and effective.
Google Threat Intelligence: Google Threat Intelligence is a rich and actionable threat intelligence suite combining insights across Mandiant, VirusTotal and other Google properties. It equips security teams with comprehensive context and a cutting edge investigative workbench to proactively protect their networks from cybersecurity threats and understand the evolving threat landscape.
Mandiant Solutions: Mandiant software and cloud solutions help security teams evaluate the effectiveness of their security tools and stay ahead of sophisticated threat actors. Mandiant Solutions are in part made available through the Mandiant Advantage Platform, a multi-vendor XDR platform that delivers transformative expertise and frontline intelligence to security teams.
Mandiant Solutions include:
Mandiant Security Validation enables an organization’s security team to build a continuous and automated validation program that tests the security effectiveness of network, endpoint, email and cloud controls, teams and processes.
Mandiant Attack Surface Management helps organizations discover and analyze their internet assets across today’s dynamic, distributed, and shared environments. This service generates comprehensive visibility of the extended enterprise through continuous discovery that illuminates assets, alerts on risk and enables cyber security teams to inventory their assets and investigate any discovered exposures.
Mandiant Advantage Threat Intelligence gives security professionals critical insights into the latest relevant threats so that they can be better prepared to guard against sophisticated attacks.
Mandiant Digital Threat Monitoring gives security professionals visibility into external threats to their organization on the open, deep and dark web.
Mandiant Managed Services: Mandiant managed detection and response services act as a seamless extension of customers' security teams, delivering continuous monitoring, event triage and threat hunting that is agnostic to customers' endpoint and network tooling. Mandiant Managed Services includes, for example, Managed Hunt for Chronicle.
Mandiant Consulting Services: Mandiant Consulting offers proven global expertise in providing comprehensive incident response, strategic readiness and technical assurance to help customers mitigate threats and reduce business risk before, during and after an incident.
Expertise On Demand: Expertise on Demand extends security operations capabilities and capacity by providing customers with access to security resources, threat intelligence and training led by security practitioners to help accelerate response without burning out existing staff.
Training Services: Through incident response and threat intelligence teachings, and a proctor-based certifications program, Training Services, also known as Mandiant Academy, help to advance customer operational skillsets and problem-solving competencies for increased security maturity.
Information about SecOps packages, including the Services and functionality included with each package, is available at https://cloud.google.com/security/products/security-operations?#pricing or a successor URL.