VentureBeat reported that Google has officially introduced threat detection capabilities into its Chronicle network security platform and has promised to provide businesses with threat analysis services at a scale comparable to its own. Originally a project born in the X division of Alphabet, Chronicle became an independent network security company in 2018 and was absorbed by Google Cloud in June last year. To make itself more attractive to enterprise customers in the face of potential competitors, Chronicle is committed to providing more comprehensive network security technology. At its core, the platform analyzes large amounts of data and identifies security threats more quickly by means of machine learning algorithms. At first, Chronicle focused on threat search and investigation, but in February, Google began to take a more active part in threat detection and early warning. In addition to investigating threats, Chronicle is committed to adding more advanced detection capabilities and building early warning systems, said Rick Caccia, head of cloud security marketing at Google Cloud, in an interview. This covers intelligent data fusion, a new data model and the automatic linking of multiple events into a unified timeline, and Google announced that it will use YARA-L to detect threats.

As a new rule-based language, YARA-L can be used to describe complex threat behaviors and is inspired by the tools created by VirusTotal, a malware scanning company (which Google acquired in 2012). Chronicle Detect, released today, is a solution that Google has called "able to identify threats at unprecedented speed and scale." Judging from previously published material, its rule engine can handle more complex time-based analysis. At the same time, the tool expands the scope of behaviors that YARA-L can describe and tunes it to the modern threat types outlined in the MITRE ATT&CK knowledge base.
For network security professionals, Chronicle also allows for more general rules; they only need to configure its threat alerts in accordance with the official examples.

Chronicle Detect also draws on real-time data feeds from the Uppercase research team and other sources, including detection rules and indicators of compromise (IOCs), which may cover high-risk IPs or registry entries and can be compared with the security telemetry in each system. Finally, although Chronicle is very suitable as a core component of Google Cloud, the platform actually allows customers to aggregate and analyze data stored in other locations, whether with a third-party cloud service provider or in a local data center.