Google Security Operations Q1, 2024 Feature Roundup

ahnna
Staff

As we forged into the first quarter of 2024, Google Security Operations unveiled a series of updates centered around streamlining operations for our customers. We understand the challenges faced by security operations teams dealing with time-consuming and intricate processes. That’s why we’re excited to introduce enhancements that simplify workflows and enhance efficiency.

Let’s take a look at some of the major updates:

Expanded Flexible Join Functionality

Streamline detection engineering with new join functionality to support complex equality and/or joins for both UDM and entity fields. This enhancement enables the consolidation of multiple rules into one, reducing the complexity of workflows and improving efficiency. 

Optimized Entity Investigation

Google SecOps’ new investigation experience combines entity data with UDM search to streamline investigation and response workflows. Now, you can quickly pivot between entities, gain context with in-screen widgets, and make informed decisions with fewer clicks, more precision, and less friction. 

Improved Consistency, Freshness, and Availability of UDM Event Data

With Google SecOps’ new event-processing pipelines and indexing enhancements, you can say goodbye to event-time constraints and hello to fully enriched UDM event data, all available to search within 10 minutes or less.

New Integration with Google Cloud Identity and Access Management (IAM)

Administrators can now configure feature access using Google SecOps-specific permissions and predefined roles, and can create custom roles and IAM policies optimized for their organization.

New Integration with Cloud Audit

Understand who did what, where, and when within your Google Cloud environment. Leverage audit logs written by Google Cloud for administrative activities and data access events.

Expanded Regional Support

Meet long-term compliance and jurisdictional requirements with expanded regional support in Japan. Additional regional support is expected to be added throughout 2024.

Public Sector Achievements

Google Security Operations has achieved FedRAMP Moderate authorization, ensuring the security of our cloud-native platform for federal agencies.

Curated Detections Spotlight

Check out our latest out-of-the-box detections that are created and maintained by Google security experts. Available for Enterprise and Enterprise+ customers.

  • UEBA – Protect against anomalous user and entity behavior with coverage for Authentication, Network Traffic Analysis, Peer Group Detections, Suspicious Actions, and Data Loss Prevention.

Compromised Credential Monitoring

Monitor for compromised credentials on the open, deep and dark web, and receive automatic alerts if accounts linked to your organization appear in compromised credential data. Users can now unmask cleartext passwords for verified domains, unmask usernames, simplify monitor creation, backfill alerts, filter alerts by password policy and enhance monitor tuning. Available for Enterprise+ customers.

Expert Help from Mandiant Threat Hunters

Close the skills gap and gain elite-level support without the burden of hiring, tooling, and training. With Mandiant Hunt, now available as an add-on, you can have Mandiant experts continuously hunt for threats undetected by security controls in your environment.

Interested in seeing more? Schedule a demo today to see how you can leverage these new features.
