Posts by Chris Martin (@thatsiemguy)

- BindPlane SecOps Processor. Learn about the new BindPlane SecOps Standardization Processor, integration with the Chronicle REST API Destination, and more. (3d ago)
- Aggregate Queries in UDM Search. Google SecOps has introduced UDM Stats, a powerful new feature in preview that brings aggregate queries to UDM Search using YL2. (Jun 16)
- Automated YL2 Rule Error Notifications with SOAR. This post explores how to create a Chronicle SIEM Detection Engine rule error notification pipeline using Chronicle SOAR. (Nov 18)
- observIQ BindPlane, the OTEL Agent, and Google SecOps. Learn about the BindPlane OP and OpenTelemetry (OTel) Agent, available now for users of Google SecOps. (May 21)
- Creating an Entity Explorer Widget in Chronicle SOAR with Gemini Code Assist. In this post, I explore using Gemini Code Assist to create a custom Entity Explorer Action and HTML widget in Chronicle SOAR. (Oct 26)
- MISP, BindPlane, and Google SecOps. Exploring the default MISP IOC integration for Google SecOps using PyMISP and observIQ BindPlane. (Jun 29)
- From Sandbox to SIEM: Replaying Windows Events using the Chronicle API. This blog post explores how to replay Windows Event Logs into Chronicle SIEM, using sandbox data from Google Threat Intel. (Sep 29)
- Windows Event Log collection with the new SecOps Collection Agent. In this post I explore using the Google SecOps Collection Agent (also known as the BindPlane OTEL Agent) to collect Windows Event Logs. (Jul 4)