Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
Chronicle Return to the Chronicle homepage
Security Operations Platform arrow_forward expand_more
Security Operations Platform

Explore the Security Operations Platform for the modern SOC.

Security Operations Platform
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
Detect Detect threats with confidence by storing and analyzing all your security telemetry at Google scale.
Investigate Get faster insights with context and depth of investigation to stay ahead of the latest breaches.
Respond Orchestrate tools, build automation, and collaborate with ease to respond in minutes.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Mandiant Hunt for Chronicle Uncover hidden attacks with elite threat hunters by your side.
SOC Modernization Protect your organization against modern-day threats.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Chronicle CyberShield Helping Governments Defend Against Modern Threats
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners arrow_forward expand_more
Partners

We work together with our partners to help our customers protect themselves.

Partners
Overview Through product integrations and security expertise, together we bring more effective solutions to market.
Solutions for Small to Mid-Sized Business Expert resources for organizations with up to 2000 employees
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Community Join security pros sharing SecOps content and best practices
Contact us Visit the contact us page
Chronicle Return to the Chronicle homepage
Security Operations Platform arrow_forward expand_more
Security Operations Platform

Explore the Security Operations Platform for the modern SOC.

Security Operations Platform
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
Detect Detect threats with confidence by storing and analyzing all your security telemetry at Google scale.
Investigate Get faster insights with context and depth of investigation to stay ahead of the latest breaches.
Respond Orchestrate tools, build automation, and collaborate with ease to respond in minutes.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Mandiant Hunt for Chronicle Uncover hidden attacks with elite threat hunters by your side.
SOC Modernization Protect your organization against modern-day threats.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Chronicle CyberShield Helping Governments Defend Against Modern Threats
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners arrow_forward expand_more
Partners

We work together with our partners to help our customers protect themselves.

Partners
Overview Through product integrations and security expertise, together we bring more effective solutions to market.
Solutions for Small to Mid-Sized Business Expert resources for organizations with up to 2000 employees
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Community Join security pros sharing SecOps content and best practices
Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
IDC Study: Customers cite 407% ROI with Google Chronicle. Learn More IDC Study: Customers cite 407% ROI with Google Chronicle. .
Introducing SOAR for the age of anywhere operations
Kristen Cooper
Product Marketing, GCP
May 17, 2022

In early January, Google Cloud underscored our commitment to advancing invisible security and democratizing security operations for every organization with the acquisition of Siemplify, a leading security orchestration, automation and response (SOAR) provider. And in the latest release of Siemplify SOAR we’re already leveraging these capabilities to propel security operations into the “anywhere operations” era, where you can operate at scale—no matter where your security team is, at any time and in any capacity; automate workflows and free up your team to do more strategic work; and accelerate processes to drive more effective and timely response.

The latest release of Siemplify SOAR sets you up with the building blocks you need—cloud infrastructure, automation, collaboration, and analytics—to take your response to the next level. It delivers relevant and impactful information front and center, improves collaboration among teams, makes building playbooks easier than ever before, and enables native investigation between Google Chronicle and Siemplify.

Upgraded Google Chronicle integration

The first step in realizing our strategy of integrating Chronicle and Siemplify includes the introduction of our improved Marketplace integration which now enables native investigation between Siemplify and Chronicle. A single connector pulls all Chronicle alert types (IOC matches, external alerts, rule alerts) into Siemplify enabling the examination of aggregated security information. The out-of-the-box Chronicle and VirusTotal enrichment playbook enables automated enrichment and hunting and new case view widgets display key insights from Chronicle and provide easy access to Chronicle capabilities without console switching.

New level of collaboration

With organizations of all sizes increasingly turning to security service providers to augment security operations, effective and transparent collaboration becomes paramount. This latest release introduces a new “collaborator” user type that makes it easy to collaborate, run joint investigations, open requests and chat about cases in real-time for MSSPs and their customers, as well as with departments outside of the SOC. The new chat function is documented as part of every case and messages can be pinned as evidence to the case wall.

Dynamic case views

With security teams drowning in data, the ability to respond quickly and effectively often boils down to the ability to view and analyze the most relevant data. The case overview leads analysts through alerts and the data collected by the playbook. The new dynamic case overview enables the creation of customized alert or case views using drag and drop widgets that display the most relevant information for each role, such as insights, enrichments, and playbook results.

Redesigned homepage experience

The completely redesigned homepage has been transformed into a broad and powerful hub for analysts. The new homepage now displays pending tasks assigned to you, playbook actions waiting for your input, highlighted cases you are involved in, and the ability to take action (i.e. approve a task) directly from the homepage. A new embedded chat function facilitates real-time conversations.

Enhanced playbook designer

The improved playbook designer canvas now provides a wider work space to create playbook workflows, advanced editing capabilities including the ability to copy, paste, cut or delete within and between playbooks and blocks, and the ability to easily undo/redo.

Next steps?

Interested in seeing how Siemplify SOAR can help you raise the bar for security operations? Take a closer look at what we’ve introduced in this release and schedule a demo to learn more.

SOAR

Let’s work together

Ready for Google-speed threat detection and response?

Contact us Visit the contact us page