Google Chronicle and Mindflow have partnered to enable users to automate their incident management and better protect their information systems.
Chronicle is a SaaS SIEM built by Google. It retains, indexes, correlates, and searches your network telemetry so that risks can be analyzed and contextualized immediately.
To that end, Chronicle ingests telemetry from your network into a private container built on core Google infrastructure, which offers effectively unlimited elasticity. It can scale to 100+ petabytes, and Google handles the management of the analytics system, servers, storage, networking, backups, and the people who run them. The platform is built on an unparalleled data infrastructure to ensure performance without compromise, regardless of load.
Analysts can upload security telemetry quickly and securely from any Syslog source, log aggregator, SIEM, and so on. This telemetry is then normalized and aggregated into a coherent timeline, and the resulting data is ready for investigation, hunting, and detection in Chronicle.
Thanks to the capabilities mentioned above, Chronicle can ingest massive amounts of telemetry data, normalize it, index it, correlate it to known threats, and make it available for analysis in seconds.
Moreover, you can automatically retrieve your users’ access to domains via their browser. The data is forwarded to Chronicle, which ingests, normalizes, and correlates it, and makes it available in the GUI in seconds. As a result, your analysts work with near real-time information about activity within your company’s network.
To make your analysts’ work on the collected data easier and faster, Chronicle displays related activity together, so they no longer have to search through separate logs to connect the dots between an employee’s actions and the associated data.
The related pieces of activity are automatically connected into a single data structure. Enhanced by Chronicle’s anomaly detection analytics, this reduces analysis to minutes or even seconds and overall boosts your analysts’ productivity.