As we forged into the first quarter of 2024, Google Security Operations unveiled a series of updates centered around streamlining operations for our customers. We understand the challenges faced by security operations teams dealing with time-consuming and intricate processes. That’s why we’re excited to introduce enhancements that simplify workflows and enhance efficiency.
Let’s take a look at some of the major updates:
Streamline detection engineering with new join functionality to support complex equality and/or joins for both UDM and entity fields. This enhancement enables the consolidation of multiple rules into one, reducing the complexity of workflows and improving efficiency.
Google SecOps’ new investigation experience combines entity data with UDM search to streamline investigation and response workflows. Now, you can quickly pivot between entities, gain context with in-screen widgets, and make informed decisions with fewer clicks, more precision, and less friction.
With Google SecOps’ new event-processing pipelines and indexing enhancements, you can say goodbye to event-time constraints and hello to fully enriched UDM event data, all available to search within 10 minutes or less.
Administrators can now configure feature access using Google SecOps-specific permissions and predefined roles, and can create custom roles and IAM policies optimized for your organization.
Understand who did what, where, and when within your Google Cloud environment. Leverage audit logs written by Google Cloud for administrative activities and data access events.
Meet long-term compliance and jurisdictional requirements with expanded regional support in Japan. Additional regional support is expected to be added throughout 2024.
Google Security Operations has achieved FedRAMP Moderate authorization, ensuring the security of our cloud-native platform for federal agencies.
Check out our latest out-of-the-box detections that are created and maintained by Google security experts. Available for Enterprise and Enterprise+ customers.
Monitor for compromised credentials on the open, deep and dark web, and receive automatic alerts if accounts linked to your organization appear in compromised credential data. Users can now unmask cleartext passwords for verified domains, unmask usernames, simplify monitor creation, backfill alerts, filter alerts by password policy and enhance monitor tuning. Available for Enterprise+ customers.
Close the skills gap and gain elite-level support without the burden of hiring, tooling, and training. With Mandiant Hunt, now available as an add-on, you can have Mandiant experts continuously hunt for threats undetected by security controls in your environment.
Interested in seeing more? Schedule a demo today to see how you can leverage these new features.