A look at the Recommendations widget in depth
This document shows how Google SecOps makes the calculations to determine which cases the Recommendations widg...
Let's look at two complementary functions that allow us to quickly and easily convert the case of a value. Thi...
Today we are going to review the third type of reference list that we can use in our YARA-L rules in Google Se...
Let's look at another type of reference list that we can use in our YARA-L rules in Go...
Let's look at how we can use reference lists in our YARA-L rules in Google SecOps. Reference lists provide a s...
Let's look at how we can use the CIDR network function or as it is called in YARA-L, net.ip_in_range_cidr, for...
Let's look at how we can use the string function coalesce or as it is called in YARA-L strings.coalesce, for u...
Let's look at how we can use the string function concatenation or as it is called in YARA-L strings.concat, fo...
We are covering a lot of ground today, as we take a look at risk score, conditional logic and mathematical ope...
Today, we are going to cover the aggregation functions of min, max and sum and how they can be added to the ou...
Today, we are going to cover two aggregation functions that are often used with strings in the outcome section...
Today, we are going to introduce the ability to generate counts within the outcome section of a YARA-L rule in...
Today, we are going to introduce the outcome section of a YARA-L rule and demonstrate how we can additional co...
Today, we are going to build a multi event rule in Chronicle SIEM, but this time we will use a sliding window ...
In this post, we're going to build a multi event rule in Chronicle SIEM with a focus on joining multiple field...
In this post, we're going to build a multi event rule in Chronicle SIEM with a focus on ordering events to tri...
In this post, I demonstrate how to integrate Chrome Enterprise Management with Google Chronicle to gain compre...
In this post, we're going to build a multi event rule in Chronicle SIEM that can be used to join disparate eve...
In this post, we're going to build a single event rule in Chronicle SIEM using string matching, which will ser...
In this post, we're going to get to know Chronicle SIEM with a focus on the various options available in the r...
In this post, we're going to get to know Chronicle SIEM with a focus on navigating the Rules Editor, which wil...
In our previous post, we covered how Chronicle SIEM can aggregate events into a single detection and alert wit...
In our previous post, we covered building a single event rule in Chronicle SIEM using a regular expression. In...
In our previous post, we covered using event operators and modifiers that demonstrate the flexibility in build...
In our previous post, we covered an introduction to Chronicle SIEM with a focus on using variables in YARA-L t...
In our previous post, we provided an introduction to Chronicle SIEM with a focus on YARA-L basics and how dete...
YARA-L is a language used to create rules for searching through your enterprise log data (hence the 'L') as it...
Today, most SOC managers and CISOs are using metrics to track the security posture and measure their SOC's per...
Hello everyone, I've seen various questions around the slack channel about the OVA deployment, so I'm writing ...
Have you ever noticed trees that are marked with spray paint? Now, I'm no tree spray paint marking expert, but...