This blog section is a place where community members can hear from Googlers, customers, and partners and get tips, advice, and information about topics across Google Cloud Security.
Gen AI brings transformative potential, but also introduces complex
challenges. Organizations must prioritize governance, security, and
continuous learning to successfully navigate Gen AI adoption and unlock
its full potential. Use our roadmap to plan this!
This article explains how to bulk close alerts with the Google Security
Operations API. It provides step-by-step instructions and Python client
code for closing a list of alerts triggered by a given detection rule.
Looking to design your own “building code” for gen AI through an internal
Acceptable Use Policy (AUP)? The way that you shape and evolve your AUP
can help establish a shared understanding in your organization about the
values and principles that govern gen AI, which can be increasingly
important as widespread adoption and everyday use become more common.
We conclude this mini-series with the integration of the Entra ID
application with Google Security Operations using the Feed Management
capability and cover tips for setup, troubleshooting and optional
settings for additional context.
Your organization's attack surface is a dynamic and ever-growing target.
The sheer volume of security data from various sources can overwhelm
even the most seasoned security teams. Mandiant Attack Surface
Management (ASM) was designed to address this challenge and can help you
solve for several use cases.
Picking up where we left off last time, we look at the permissions
an Entra ID app requires to monitor these log
sources in Google SecOps and how to configure the application.
Google SecOps provides organizations the ability to monitor on-premises
and cloud solutions, including Microsoft Entra ID and Office 365, to gain
greater visibility into threats. This post introduces the concept of
feeds as well as the components of a Microsoft Entra ID app that are
required to set up monitoring of this data.
New Google SecOps instance with no data? Use the APIs to create your
first Reference List, Detection Rule, and a USER_LOGIN UDM Event that
triggers the Rule.
In our new Fraud Intelligence Reports, learn how Google Cloud Gemini
enhances reCAPTCHA with AI-based insights. Gain insights into both
global and site-specific fraud trends, empowering you to combat fraud
more quickly and effectively.
To combat the $6B+ global threat of SMS toll fraud, reCAPTCHA is excited
to announce reCAPTCHA SMS toll fraud protection in public preview -
customers can get started by enrolling in the console today.
In part two of this blog series, David French walks through an example
of operationalizing threat intelligence to create an actionable
detection for GitHub Enterprise. He also explains the concept of tuning
detections to improve their precision and demonstrates how to do this in
Google SecOps.
For many organizations, GitHub houses critical intellectual property and
is a prime target for attackers seeking to steal valuable source code,
disrupt software development operations, or carry out supply chain
attacks. In this blog series, David French demonstrates how to monitor
your GitHub Enterprise environment for suspicious activity with Google
SecOps.
Google reCAPTCHA has been reimagined! Learn more about new capabilities
and service tiers to help protect your website and apps from bots and
fraud with an invisible experience.
The blog discusses the benefits of threat hunting, such as preventing or
minimizing impacts through reduced dwell time, improving visibility, and
automating detection strategies.
Building on our previous post, take statistical search a step further in
Google SecOps with additional aggregation functions, mathematical
operators and if/then/else statements!
In this blog, we will continue to extend our visibility. We will
discover how we're developing custom integrations within the Google SecOps
platform for CRXcavator and Spin.AI to assess browser extensions.
The “New to Chronicle” blog found on chronicle.security has moved to the
Community Blog. This blog was originally published on November 9th, 2023
and is focused on the Google SecOps integration with Looker for
dashboarding. This blog summarizes the previous steps around building
dashboards and adds additional customizations and sharing to the
dashboard we built throughout this mini-series.
The “New to Chronicle” blog found on chronicle.security has moved to the
Community Blog. This blog was originally published on October 11th, 2023
and is focused on the Google SecOps integration with Looker for
dashboarding. This blog adds the ability to create custom fields.
The “New to Chronicle” blog found on chronicle.security has moved to the
Community Blog. This blog was originally published on September 28th,
2023 and is focused on the Google SecOps integration with Looker for
dashboarding. This blog adds the pivot functionality of Looker to
create a time chart.
In our final post of this mini-series, we examine group by and filtering
capabilities within metric functions to further refine data beyond a
single dimension and use network, endpoint and cloud authorization data
in multiple examples to illustrate it all coming together.
The “New to Chronicle” blog found on chronicle.security has moved to the
Community Blog. This blog was originally published on September 14th,
2023 and is focused on the Google SecOps integration with Looker for
dashboarding. This blog builds on the previous and adds tabular
summaries.