Google Cloud introduced new security products for its customers this week, including Autonomic Security Operations, which aims to improve security operations centres (SOCs), and Cloud Intrusion Detection System (IDS), which detects network-based threats.
According to Google, Autonomic Security Operations is a “stack of products, integrations, blueprints, technical documentation, and an accelerator programme” that aims to help customers combine Chronicle and Google technology and experience to enhance their SOC.
Autonomic Security Operations is a combination of concepts, techniques, and tools that should help organisations increase their resilience against cyberattacks by automating threat management.
The solution includes products (Chronicle, Looker, and BigQuery), integrations with supported vendors (EDR, SOAR), network forensics and telemetry blueprints, content (sample dashboards, rules, and use-cases), accelerator workshops, and preferred SOC transformation and managed security service provider (MSSP) partners.
Google claims it has teamed up with BT to bring Autonomic Security Operations to the managed security services industry, and the solution is underpinned by long-standing partnerships with Cyderes and SADA Systems, among others.
Google’s new Cloud IDS, which is currently in preview, is a network security product that provides native network-based threat detection capabilities while leveraging Google Cloud integration.
The tool was developed in partnership with Palo Alto Networks and can assist enterprises in not just gaining insight into network-based risks, but also ensuring that their security systems are compatible with industry norms.
Cloud IDS is an end-to-end cloud solution that monitors east-west traffic as well as traffic to and from the Internet for anomalies and threats such as malware, spyware, command and control (C&C) activity, and more. Cloud IDS data may be used to examine and correlate threats, as well as respond to them.
Cloud IDS now works with Splunk’s cloud and enterprise platforms, Exabeam’s Advanced Analytics solution, The Devo Platform, and Palo Alto Networks’ Cortex XSOAR, with Google Cloud’s Chronicle and Security Command Center integrations coming soon.