Run security & ops at scale
Resolution Intelligence Cloud is a cloud-native data analytics platform for managing security and digital operations, with the scale and speed of Google Chronicle SIEM built in. You always have control and one-click secure access to Chronicle with SSO and RBAC.
The platform ingests all data across security and operations, identifies incidents and pre-incident situations, ranks them by business risk, and correlates extensive context for proactive, fast resolution.
Ingest all your data
Ingest all your data without penalty. Resolution Intelligence Cloud leverages Google Chronicle, an infinitely scalable, cloud-native SIEM. It jumpstarts and operationalizes Chronicle with multitenancy, rule and parser content management, rule and parser packs, RBAC, SSO, and more. Plus it integrates with Chronicle SOAR (formerly Siemplify).
Have critical context with ActOns™
Boost efficiency and effectiveness with the information you need at your fingertips. Resolution Intelligence Cloud generates actionable insights you can act on, called ActOns. ActOns present highly curated, contextual data – like related alerts, asset, and user data. You can focus on what matters most because ActOns are prioritized based on a risk score aligned to your business, based on likelihood, impact, and confidence. Click to dive into details and investigate directly in Google Chronicle.
Maximize SOC and NOC effectiveness
Gain insight and oversight with situational awareness
Work from a complete picture with data across security and ops. Get insights at any level through dashboards that show what matters most.
Identify risky behaviors and unknowns
Detection rules find knowns. User and entity behavior analytics (UEBA) enables you to find unknowns. Security experts estimate that 60% of what you need find are the unknowns. For that, you need UEBA.
Catch risky behaviors before they cause harm, and know which situations need attention with risk scores based on likelihood, impact, and confidence. Have related evidence, timelines, related alerts, and more at your fingertips — all in one place.
Up-level SOC & NOC teams
Automate responses that don’t require humans in the loop. Reduce noise and enable staff to focus on tasks that require their expertise. Resolution Intelligence Cloud gives teams the context they need to take informed action.
Get sub-second search at Google scale
Enjoy blazing fast, sub-second search on petabytes of data. With one click, pivot to investigate incidents directly in Chronicle. You maintain control of your Chronicle instances and IP.
Leveraging Google Chronicle, Resolution Intelligence Cloud provides sub-second search on data that's stored hot for a year.
Manage multiple tenants efficiently
Tenant-by-tenant management is time consuming and doesn’t scale. Resolution Intelligence Cloud adds multi-level multitenancy to your Google Chronicle instances. Log into Resolution Intelligence Cloud once to streamline rule- and parser-building, threat analytics, and event tracking across your entire base. Apply detection rules to all, some, or one tenant.
Analytics made actionable
Know what you need to do immediately, what can wait, and for how long. Resolution Intelligence Cloud uses behavioral, anomaly, and situational analytics coupled with business-risk awareness to prioritize the security of critical assets.
Use forensic analysis to systematically identify “patient zero,” then correct problems at the source.
Security posture mapped to MITRE ATT&CK
Identify and remedy detection gaps with automated log mapping to the MITRE ATT&CK framework. ActOns display a MITRE mapping of the correlated events detected, giving you instant insight.
Speed response with war rooms
Use ActOn war rooms to collaborate with analysts, colleagues, ops, customers, even third-party experts and legal counsel. Authorized participants collaborate with context and can see what happened when. Two-way integration at the ActOn level with Google’s Chronicle SOAR (formerly Siemplify) and ITSMs speeds resolution and enriches existing resolution workflows.