The complete list of services that form SecOps Services is shown below. While Google offers many other services and APIs, only the services below are covered under the agreement pursuant to which Google has agreed to provide SecOps Services, service level agreements (if applicable), and support offerings (the “Agreement”).
Google Security Operations: Google Security Operations includes the following two Services:
- Google SecOps - SIEM, a cloud native security information and event management (SIEM) solution, enables customers to collect and analyze security telemetry from across their enterprise to power detection, investigation, and remediation of threats. As part of the service, Google SecOps - SIEM normalizes, correlates, and enriches security data to provide analysis and context on suspicious activity.
- Google SecOps - SOAR, a cloud native security, orchestration, automation, and response (SOAR) solution, empowers security teams to respond to cyber threats in minutes. Google SecOps - SOAR fuses a unique threat-centric approach, powerful yet simple playbook automation, and context-rich investigation to free up valuable time and enable security team members to be informed, productive, and effective.
Google Security Operations is available in packages. Information about these packages, including the Services and functionality included in each package, is available at the following URL (or a successor URL): https://docs.cloud.google.com/chronicle/docs/secops/secops-packages.
Google Security Operations Add-ons:
- Google SecOps Security Tokens enable the use of agentic AI features within Google Security Operations. Available agentic AI features are described in the documentation.
Google Threat Intelligence: Google Threat Intelligence is a rich and actionable threat intelligence suite combining insights across Mandiant, VirusTotal, and other Google properties. It equips security teams with comprehensive context and a cutting edge investigative workbench to proactively protect their networks from cybersecurity threats and understand the evolving threat landscape.
Google Threat Intelligence is available in packages. Information about these packages, including the functionality included in each package, is available at the following URL (or a successor URL): https://assets.virustotal.com/google-ti-packages.pdf.
Mandiant Solutions: Mandiant software and cloud solutions help security teams evaluate the effectiveness of their security tools and stay ahead of sophisticated threat actors. Mandiant Solutions are in part made available through the Mandiant Advantage Platform, a multi-vendor XDR platform that delivers transformative expertise and frontline intelligence to security teams.
Mandiant Solutions include:
- Mandiant Security Validation enables an organization’s security team to build a continuous and automated validation program that tests the security effectiveness of network, endpoint, email and cloud controls, teams and processes.
- Mandiant Attack Surface Management helps organizations discover and analyze their internet assets across today’s dynamic, distributed, and shared environments. This service generates comprehensive visibility of the extended enterprise through continuous discovery that illuminates assets, alerts on risk and enables cyber security teams to inventory their assets and investigate any discovered exposures.
- Mandiant Advantage Threat Intelligence gives security professionals critical insights into the latest relevant threats so that they can be better prepared to guard against sophisticated attacks.
- Mandiant Digital Threat Monitoring gives security professionals visibility into external threats to their organization on the open, deep and dark web.
Mandiant Managed Services: Mandiant managed services act as a seamless extension of customers' security teams, delivering continuous monitoring, event triage, investigations, threat hunting, and remediation recommendations that are agnostic to customers' endpoint and network tooling.
Mandiant Managed Services include the offerings described at the following URLs (or successor URLs):
Mandiant Consulting Services: Mandiant Consulting offers proven global expertise in providing comprehensive incident response, strategic readiness and offensive security to help customers mitigate threats and reduce business risk before, during and after an incident.
Mandiant Consulting Services include the offerings described at the following URL (or a successor URL): https://cloud.google.com/security/consulting/mandiant-consulting-all
Mandiant Retainer (formerly Expertise On Demand): Mandiant Retainer extends security operations capabilities and capacity by providing customers with access to security resources, threat intelligence and training led by security practitioners to help accelerate response without burning out existing staff.
Training Services: Through incident response and threat intelligence teachings, and a proctor-based certifications program, Training Services, also known as Mandiant Academy, help to advance customer operational skillsets and problem-solving competencies for increased security maturity.
Security Customer Success Services: Security Customer Success Services help to enable Google Cloud Security customers to achieve desired business outcomes using their acquired subscriptions through the provision of onboarding, training, and enablement resources.
