FAQs

Resolution Intelligence Cloud is a new way to manage security and digital ops. It's a data analytics platform for security and digital ops data at scale that uses an open architecture, so it plays well with other security and ops tools you have.

And it has the scale and speed of Google Chronicle SIEM built in. Furthermore, it integrates with Google Chronicle SOAR (formerly Siemplify) as well as other SOARs and ITSMs like ServiceNow and Jira.

XDR (Extended Detection and Response) is a category with a variety of definitions. It's often viewed as the next generation of EDR (Endpoint Detection and Response), offering integrations and analytics on top of EDR alerts. Resolution Intelligence Cloud can ingest XRD and EDR data.

Resolution Intelligence Cloud takes a different approach, boosting both SOC and NOC effectiveness. It ingests all security and digital operations telemetry without extra cost, runs advanced data analytics to correlate data points, and detects patterns over time, in real time. It provides situational awareness and context beyond what EDRs or XDRs capture, and it automates Level-1 and Level-2 tasks. 

Resolution Intelligence Cloud uses Google Chronicle as its infinitely scalable, super-fast security data lake. You get all the functionality of Chronicle plus Resolution Intelligence Cloud adds important features for enterprises and service providers: multi-level multitenancy, rule and parser packs, rule and parser management, real-time dashboards, data analytics, machine learning, automation, situational awareness, ActOns, collaboration war rooms, and more. For more info, see the Resolution Intelligence Cloud platform page.

Resolution Intelligence Cloud ingests operations data as well and correlates it with your security data, so security and digital ops teams have a common operational view as well as a single place to collaborate.

Foundation is short for Resolution Intelligence Cloud's Foundation for Google Chronicle, our entry-level subscription plan. 

Foundation for Google Chronicle jumpstarts Chronicle for security data ingestion, storage, and search at Google speed and scale. It operationalizes Chronicle with multi-level multitenancy, role-based access control, Netenrich threat intelligence, parser and rule packs, content management, real-time dashboards and reports, and more. Netenrich provides implementation services, a customer success manager, and customer support to ensure your success.

Yes, when you buy Resolution Intelligence Cloud, you can buy Chronicle licenses through Netenrich. If you already have one or more Chronicle licenses, that's fine too. Contact us to discuss your situation.

We sell Resolution Intelligence Cloud primarily through our trusted partners. Learn about our partner program.

Occasionally we sell directly to enterprises that need a service-provider platform. Please contact us. 

Netenrich partners with MSPs and MSSPs who use Resolution Intelligence Cloud to provide managed secure operations to their customers. Learn more about partnering with Netenrich.

Resolution Intelligence Cloud collects data through Google Chronicle data forwarders and APIs. This covers almost 98% of security detection tools and telemetry. If you need another integration, Netenrich can help with custom parsers. 

Resolution Intelligence Cloud collects IT operations data using native integration to monitoring tools and APIs. More than 2,500 integrations are supported.

Resolution Intelligence brings together multiple analytical products in one platform for a continuously evolving infrastructure and threat landscape: 

Anomaly-based analytics on users, entities, and activities to identify patterns of risky behavior.

Open-ended signal analytics to enable a wide range of security use cases: data and detection coverage analysis, malware spread analysis, measuring detection rule efficacy, and more.

Attack path analytics to identify the entire attack story across historical data.

An ActOn is like an incident. It's a situation that may cause or has already caused negative impact on confidentiality, integrity, and/or availability PLUS the situational awareness needed to quickly determine appropriate response. 

ActOns gather, prioritize, and present curated, contextual data – like related alerts, events, asset, and user data, evidence, and more. Each ActOn has a quantified risk score (based on likelihood, impact, and confidence), so analysts know where to focus first.

ActOns increase efficiency and effectiveness with the contextual information that analysts need at their fingertips.

For each ActOn, Resolution Intelligence Cloud quantifies a single risk score by determining Likelihood (connects what happened with how), Impact (measures potential impact on customers, business, and information), and Confidence (measures the prevalence of a signal in the context of the environment: is this a true positive?). The platform combines these values into a single risk score and presents the evidence as part of the ActOn.

Risk scores are based on extensive correlation and data across security and operations.