Google Cloud has revealed a significant security upgrade
Cybersecurity alerts are getting contextual in Google Chronicle
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Google’s Chronicle security analytics tool has been updated to provide analysts with more context for each individual alert.
The company hopes that this update means users should be able to track potentially hazardous situations faster, more precisely, and with less alert fatigue.
Announcing the news in ablog post, Google Product Architect Mike Hom, and Engineering Lead, Travis Lanham said the product is getting “context-aware detections”, “creating efficiencies in every step of a customer’s detection and response journey, starting by making alerts more functionally enabled”.
We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time. Thank you for taking part.
Click here to start the survey in a new window«
Google Chronicle
Currently, to analyze (and contextually de-risk) a potentially hazardous Excel macro, a security analyst needs to take five steps, including doing a host lookup, identifying the host owner, and eventually, identifying if the user is likely to use a macro in their financial spreadsheet.
With context-aware detections, Google claims all the supporting information from authoritative sources, which include “telemetry, context, relationships, and vulnerabilities”, are all joined as part of a single detection event.
The update also brings a couple of new capabilities to the battleground, including the ability to use risk scoring to prioritize threats, faster addressing of security alerts, and an enhanced fidelity of alerting.
Not only will things move faster now, but analysts will also suffer from less alert fatigue, a problem that’s exacerbated since the onslaught of the Covid-19 pandemic.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Google did not mention a specific date when the new context-aware threat detection would be generally available, but it did say that the modules will “move towards general availability” in the coming months.
Humans don’t have to be cybersecurity’s weakest link>Security teams are turning off alerts due to overload>Google Alerts notifications have become a mess of scams and malware
Hom and Lanham added that there will also be a “steady release” of new detection capabilities, in the coming weeks and months.
Google’s new capabilities are being introduced on the heels of two acquisitions - Siemplify (security orchestration, automation, and response), and Mandiant (a cybersecurity firm offering threat intelligence, and incident response services, among other things).
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
This new malware utilizes a rare programming language to evade traditional detection methods
Google puts Nvidia on high alert as it showcases Trillium, its rival AI chip, while promising to bring H200 Tensor Core GPUs within days
Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time
