As part of its efforts to better serve the needs of businesses, Google Cloud has announced a number of new security features, including a new way to use Chronicle's security analytics platform to detect threats. Cybersecurity company Chronicle may have started out as part of Alphabet's Moonshot X unit, but last year it was integrated into Google Cloud. Now customers will be able to use the company's security analytics platform to detect threats using a new rules language called YARA-L, specially designed for modern threats and behavior. YARA is a popular open source language used to write rules to detect malware and the Chronicle team has created a new version to apply to security logs and other telemetry-like data. EDR and network traffic. YARA-L gives security analysts the ability to write rules better suited to detect modern threats and, according to Google, enables scalable, real-time, and retroactive rule execution.
New data structure
Google Cloud also revealed that Chronicle introduced a new data structure that combines a new data model with the ability to automatically link multiple events on a single timeline. This will certainly make things easier for security analysts who will no longer have to manually collect logs after a security incident. Palo Alto Networks Cortex XSOAR will be the first Google Cloud partner to integrate this new framework, and Vice President of Product Strategy Rishi Bhargava explained how Chronicle's new detection capabilities have improved its response in a blog post saying: "Cortex XSOAR provides automated enrichment, response, and case management to threats across the enterprise. Integration with Chronicle's new event detection and timeline capabilities, across months or years of data, enhances this response and enables end-to-end threat management." threats to our joint customers." In addition, Google makes the Risk API and reCAPTCHA Enterprise web services available in general to help organizations protect user accounts from fraudulent online activity. The ReCAPTCHA enterprise service helps protect against scratching, credential misuse and automated account creation, while the Web Risk API helps organizations identify known bad sites, warn users when they click the wrong link and prevents them from posting links to known malicious pages.- Protect your devices with our top picks for the best antivirus software