loader image

TYPE OF TOOLS

CATEGORIES

Chronicle x Mindflow

Chronicle

By mindflow

Google Chronicle and Mindflow have partnered to enable users to automate their incident management and better protect their information systems.

Chronicle Overview

Chronicle is a SaaS SIEM built by Google. It retains, analyzes, and searches your network telemetry to index, correlate, and analyze to analyze and contextualize the risks immediately.

To that end, Chronicle ingests telemetry from your network into a private container built on core Google infrastructure, which can deliver infinite elasticity. It can scale to 100+ petabytes, handling the management of the analytics system, servers, storage, networking, backup—and people. The platform is built on an unparalleled data infrastructure to ensure performance without compromise, regardless of load.

Analysts can upload security telemetry quickly and securely from any Syslog source, log aggregator, SIEM, and so on. Then these telemetries are streamlined and aggregated into a coherent timeline. The resulting data is then ready for investigation, hunting, and detection, in Chronicle.

Thanks to the capabilities mentioned above, Chronicle can ingest massive amounts of telemetry data, normalize it, index it, correlate it to known threats, and make it available for analysis in seconds.

chronicle
More, you can automatically retrieve your users’ access to domains via their browser. The data is forwarded to Chronicle, which ingests, normalizes, correlates, and makes it available in the GUI in seconds. As a result, your analysts work with almost real-time information about activity within your company’s network.

To facilitate and hasten your analysts’ work on the collected data, Chronicle can display related activity to avoid the burden of searching through different logs to connect the dots between an employee’s actions and the data.
The related pieces of activity are automatically connected into a single data structure. Enhanced by Chronicle’s anomaly detection analytics, this reduces analysis to minutes or even seconds and overall boosts your analysts’ productivity.

Benefits

  • Petabytes storage: Built on Google infrastructure, you can ingest all the telemetry needed and store it for normalization and correlation
  • Threat Detection: It provides detection capabilities to build quickly packaged rules for automated detection
  • Threat Hunting and Investigation: by correlating activity, you’re able to quickly return a comprehensive picture of the activity surrounding an alert. You’re able to query a domain, URL, file, or hash and see everything that led up to an incident, and everything after
  • Threat Intelligence: Besides premium access to VirusTotal services, Chronicle ingests Uppercase’s global-scale threat intelligence. Latest malware and phishing attacks under the radar can be discovered

Related integrations