Hello SecOps Community,
Stay up to date with everything going on in Chronicle SIEM and SOAR by reading the SecOps Customer Newsletter! Updated every other month, you can find a summary of major Product Updates, Learning and Training, Community Announcements, Best Practices, and Upcoming Events.
SecOps Community Spotlight
SecOps Office Hours
We had 2 very exciting Office Hours in the Community this month where we covered these topics:
We will be scheduling additional office hours, so stay tuned and access the SecOps Community for more information.
SecPops Community Playlist
To celebrate 6K SOAR & SIEM users in the Community, we decided to do something fun and have the community create a SecPops Playlist. If you haven't had the chance, this is the time to listen to our SecOps Community's most beloved pop songs. Enjoy!
Chronicle Security Operations Updates
New Data Retention process started February 1st, 2023
Shared Search, Search Templates, and Reference Lists in Search
Chronicle Network Geolocation Enrichment
Near Real Time Data Processing for Detection & Investigation
Q4 Feature Roundup
Throughout Q4 we released a host of new security operations features that will help you get to your goals even faster. To find a comprehensive list of our Q4 additions to Chronicle Security Operations, visit this blog.
To find a comprehensive list of recent Chronicle Release Notes/Changes, go here.
Chronicle Security Operations Tips and Tricks
Part of SecOps maturity is the adoption of version control for all important assets. Chronicle SOAR provides the GitSync Integration to achieve this goal. Using the integration, it is possible to back up entire SOAR environments, including playbooks, ontology and associated settings. This ability is key for any SecOps team looking to be agile in disaster recovery, auditing and continuous improvement. The integration provides SOAR jobs that can be set to run at custom intervals, with selected components backed up to the git repository of choice. The article “How to Use GitSync” provides full details!
SecOps Events, Trainings & Content
Google Cloud Security Talks 2023 (Mar 22)
Hear from experts and explore the latest threat intel, see what your peers had to say in a recent cloud security survey, and check out all the latest product innovations!
Prevent Account Takeover and Fraud (Mar 29)
Explore how you can leverage the depth of Google's intelligence and ML models to secure your login and registration workflow, and move beyond the visual challenge.
2023 State of Cloud Threat Detection and Response Report (Free)
Learn how the move to cloud offers the opportunity to transform your security operations, along with best practices, actionable tips and key considerations for the future.
Threat Hunting with VirusTotal - Episode 2 (On-Demand)
Watch this step-by-step session focusing on the use of YARA for hunts, including rule-writing basics and hints to detect in-the-wild samples of infamous APTs.
Chronicle SIEM Fundamentals (Free)
Understand the product at a high level, and learn best practices. Register here.
Chronicle SOAR Fundamentals (Free)
Take this course on your own time. It gives an overview of the product, covering many different topics and best practices. Register here.
Siemplify Certified SOAR Analyst (Free)
This on-demand course has been developed to help Security Professionals optimize day-to-day tasks of the SOC through the use of SOAR capabilities. Register here.
Peer Reviews
Receive a $25 Gift Card for Your Feedback!
There is nothing we love more than to see our customers thrilled with their decision to implement one of our security products. We would sincerely appreciate it if you took a few minutes to share your happy experiences with Chronicle SIEM and/or Chronicle SOAR on Gartner Peer Insights. In exchange for taking the time to share your feedback, Gartner will send you a $25 gift card of your choice.