The “Google on SecOps” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on May 9th, 2023 by Ahnna Schini and Kristen Cooper. Going forward, all Google Security Operations (formerly known as Chronicle Security Operations) blogs will be published here. 

We’ve been busy on the Google Security Operations front, and have been hustling to continue to add more innovative and practical features. While we continue to work on cutting-edge capabilities such as generative AI, we are not taking our eye off the more mundane enhancements that help our customers in the trenches every day.   

We’ve compiled the top features released in Q1, 2023 below. Check them out to see how Google Security Operations is adding value to customers’ day-to-operations and making it easier to execute the entire threat detection, investigation, and response lifecycle. 

New Looker-based Advanced Reports Module

Understanding and reporting on key metrics is vital for every organization. Customers can now access advanced business intelligence capabilities that are completely embedded in the platform via Looker.

Expanded Cloud Support

With new support access, customers can grant Google’s support team permission to access their system and define exact permissions for more timely, audited and secure support.

New Cases List View

You asked, we delivered; introducing a list view for cases! Now analysts can see all open cases in a single space for advanced triage. The list view also acts as a unified space for sorting, filtering, customizing and updating case information to provide analysts with more control and flexibility. 

Integrated Google Security Operations Alerts

Quickly see relationships between events and known bad or suspected bad activity with integrated alerts in UDM search. Explore all alerts associated with a search, gain context, and pivot to the dedicated alerts view or case view.

Enhanced UDM search experience

Drive in-product collaboration and extend Google’s search expertise directly in Google Security Operations with the addition of shared search, pre-built search templates, and reference lists.

Expanded regional support in Australia

Meet compliance and jurisdictional requirements with expanded regional support and attainment of IRAP Protected in Australia. 

Scheduled reports

Easily schedule a dashboard to be sent as a report at recurring intervals. Reports can only be sent to the customer’s company domain to help protect their data from being unintentionally or maliciously sent outside of their organization.

Interested in seeing more? Schedule a demo today to see how you can leverage these new features.