Wednesday, November 29, 2023

Monitor insider risk of Google Workspace data with Chronicle

What’s changing 

Admins can now more seamlessly integrate their Google Workspace data with Chronicle (Google’s cloud-native Security Operations platform), to quickly detect, investigate and take action on risky activity and threats. Admins can now leverage reduced time spent syncing data from Workspace to Chronicle, as well as Chronicle’s curated preconfigured out-of-the-box detections.




Who’s impacted

Admins

Why it matters 

As an admin, you can already use the Alert Center to view notifications and take action on potentially issues within your domain. Now you can take this a step further by using Chronicle, leveraging its rich risk management capabilities and recommendations:
  • Chronicle can help detect and investigate potential threats at every level of sophistication by monitoring your data in real time. 
  • Data insights are available at your fingertips, with rich context and visualization alongside industry best recommendations, helping you make better decisions faster. 
  • Further, you can deploy Chronicle’s out-of-the-box use cases, helping to cut down on time spent building rules and playbooks. 
  • You can also build and automate repeatable playbooks with full-fledged security orchestration, automation and response capabilities (SOAR).

Getting started


Rollout pace


Availability

  • Available to Google Workspace Enterprise Standard and Enterprise Plus customers 

Resources