(By Anton Chuvakin and originally posted at Anton on Security)
While creating a recent presentation, I needed a slide on “threat detection is hard.” And it got me thinking, why is threat detection so hard for so many organizations today? We can trace the “cyber” threat detection to 1986 (“Cuckoo’s Egg”) and 1987 (first IDS) and perhaps even earlier events (like viruses of the early 1980s). This means we are “celebrating” ~35 years of cyber threat detection.
Modern detection for modern threats
At Chronicle, we believe it’s time for a better way to do detection. As the IT landscape becomes more complex and attackers continue to evade current security tools, it’s clear that attempts at prevention fall short. The rapid adoption of the ATT&CK framework also highlights the expanding threat attack surface and advancement of modern threats.
Today, we’re excited to announce the availability of Chronicle’s threat detection capabilities. Since joining Google Cloud over a year ago, the Chronicle team has been innovating on our investigation and hunting platform to bring you Chronicle Detect, a set of modern detection capabilities built on Google infrastructure to help you identify threats at unparalleled speed and scale. …
By Anton Chuvakin
(Originally posted at Anton on Security)
For some reason, I just cannot leave the topic of Security Operation Center (SOC) alone. In fact, I now am participating in a very fun effort to write a series of papers on the future of SOC by Google Cloud and Deloitte (for the impatient: download it here).
My favorite quotes are below: