Maintained with ☕️ by

Google Cloud PlatformCategory: GCP Security

Chronicle

Chronicle is a cloud service, built as a specialized layer on top of core Google infrastructure, designed for enterprises to privately retain, analyze, and search the massive amounts of security and network telemetry they generate. Chronicle normalizes, indexes, correlates, and analyzes the data to provide instant analysis and context on risky activity.

New parser documentation now available New parser documentation is available to help you ingest and normalize logs from the following sources

September 8th, 2025

Services

Share

Advanced filtering in alerts and search results You can now filter alerts and search results by any field in the detection object

September 5th, 2025

Services

Share

Override the default time zone for forwarder logs Google SecOps now lets you override the default time zone for your logs when creating or configuring a forwarder

September 4th, 2025

Services

Share

Extended match window for multi-event rules You can now configure rules to analyze data over a longer period

September 3rd, 2025

Services

Share

Composite detections for MITRE ATT&CK The Curated Detections feature has been enhanced with new composite rules that define chains of MITRE ATT&CK tactics and techniques

August 28th, 2025

Services

Share

Google SecOps has updated the list of supported default parsers

August 27th, 2025

Services

Share

Enhanced curated detections has been enhanced with composite detection content for Mandiant Hunt Cloud Classification, including AWS, GCP, and Azure

August 21st, 2025

Services

Share

New rules added to rule pack Curated Detections has been enhanced with additional Chrome Enterprise Premium Browser Threat detections

August 20th, 2025

Services

Share

Reference lists retiring The reference list functionality is being phased out of the Google SecOps platform

August 19th, 2025

Services

Share

Premium Fortinet Firewall parser now available as Release Candidate

June 26th, 2025

Services

Share