Skip to the main content.
Partner Programs
Technology Partners
Featured Report

gartner-hype-cycle-for-security-operations-report-2024

 

Platform Overview

Resolution Intelligence CloudTM optimizes operations

Request a demo
Hacker Code Snippet and Netenrich Alerts_3

Run security ops and digital ops at petabyte scale

More effectively than ever before — with all your data

Resolution Intelligence Cloud is a cloud-native data analytics platform for managing risk and optimizing overall operations, with the scale and speed of Google Chronicle built in. Taking a cybersecurity mesh architecture (CSMA) approach, the platform ingests all data across security and digital operations, correlates alerts, identifies incidents and pre-incident situations, prioritizes them based on business risk, and provides extensive context for fast, proactive resolution. With the platform, you can:

  • Observe everything from a common operational view of security and digital operations data.
  • Determine what matters and route actionable insights to the right people at the right time.
  • Understand what's happening with analytics and visualizations.
  • Act fast and proactively with context, proactively, and automate as much toil as possible.
  • Move closer to achieving autonomic security operations (ASO) to minimize the need for human intervention while improving operational effectiveness.

 

How Resolution Intelligence Cloud works

how-resolution-intelligence-works

Featured Report

Read Netenrich's Hybrid SOC and Security Tools Strategy Report 2024, a survey of key security decision-makers. The report's findings highlight the major organizational challenges, the transition to a Hybrid SOC, the use of AI for threat management, and more relevant topics.

Foundation for Google Chronicle

Ingest all your data at scale and speed. Observe everything across multiple tenants. Blazing fast setup takes a day.

Analytics

Discover what matters most. Gain situational awareness with real-time data analytics and machine learning that reveal anomalies, risky behaviors, and pre-incident situations

Resolutions

Resolve what matters, fast and proactively, with the right context and ActOns. Collaborate on resolution or use existing workflow.

Align security operations to your business

Insights to act on

Insights to act on

Stop the barrage of alerts. ActOns correlate alerts with asset and user data so you can act decisively on what matters most to the business now.

Prioritize by business risk

Prioritize by business risk

Save time and sanity: stop chasing false positives and know where to focus with priority scores aligned to business risk.

Advanced analytics

Advanced analytics

Detect unknowns with advanced anomaly detection, analytics, and ML across real-time data from hybrid cloud environments.

Business & Financial

Collaboration war rooms

Create secure war rooms to collaborate with colleagues, customers, and other key stakeholders in a single place with extensive context.

Consultation Service

Threat intel & detection

Discover top vulnerabilities and map threat trends with Threat Hunting Services, vulnerability disclosures, and advisories.

Fast resolution

Fast resolution

Automate investigation and remediation tasks while providing your SOAR and ITSM with enriched context for faster resolution.

Ingest all your data

Resolution Intelligence Cloud ingests all your security and digital ops data, then identifies what matters most so you can proactively manage material risks to the business without constant fire drills. 

  • Ingest all your data for comprehensive observability — and search on hot data for a year.
  • Automatically discover anomalies, assets, and vulnerabilities.
  • Threat hunt.
  • Have the extensive context you need to effectively resolve critical issues.

Read about data ingestion and integrations.

Screenshot Insights Wellness

setup integrations

 

Blazingly fast setup

It takes less than a day to set up the platform, multiple Resolution Intelligence Cloud tenants, and diverse data sources. Ingest terabytes in days.

  • Connect directly to cloud data and populate Resolution Intelligence Cloud.
  • Easily configure data feeds to Resolution Intelligence Cloud.
  • See real-time ingestion health and analytics.
  • Use the Content Management System for detection rules and parsers that run in your Resolution Intelligence Cloud instances. 

 

Detect unknowns with behavioral analytics

  • Detect anomalous behavior based on any attribute, not just user behavior and entity behavior.
  • Run "what if" analyses to simulate situations and observe outcomes.
  • Track abnormal activity — in other words, where there’s more or less than normal.
  • Investigate anomalies with Conversational AI — no more manual pivots and queries.
  • And more.

 

anomaly detection

 

Have critical context with ActOns

Boost efficiency and effectiveness with the information you need at your fingertips. Resolution Intelligence Cloud generates actionable insights you can act on, called ActOns. ActOns present highly curated, contextual data — like related alerts, asset, and user data. You can focus on what matters most because ActOns are prioritized based on a risk score that’s aligned to your business and derived from likelihood, impact, and confidence. Click on ActOns to dive into details and investigate further.

image-png-1

 

Threat hunt & investigate with signal analytics

Start broader, dive deeper, and correlate relevant data with graph tools and a machine-learning (ML) toolkit.

  • Discover correlation, direction, and relationship strength between users, assets, and other entities.
  • Filter out the normal, find what is otherwise hidden.
  • Identify patterns with the easy-to-use ML toolkit to instantly cluster by MITRE tactic, MITRE technique, detection rule, and more.

 

Maximize SOC and NOC effectiveness

Gain insight and oversight with situational awareness

Work from a complete picture with data across security and ops. Get insights at any level through dashboards that show what matters most.

Situation Awareness Netenrich2

 

Up-level SOC & NOC teams

Automate responses that don’t require humans in the loop. Reduce noise and enable staff to focus on tasks that require their expertise. Resolution Intelligence Cloud gives teams the context they need to take informed action.

platform-alerts-tickets-pp3fy10tc4j1is6sakriz3vjlvkrdv6vuc99pe9dwg

 

Get sub-second search at Google scale

Enjoy blazing fast, sub-second search on petabytes of data that's stored hot for a year. With one click, pivot to investigate incidents further. You maintain control of your Resolution Intelligence Cloud instances and IP. 

Chronicle Access

 

Manage multiple tenants efficiently

Tenant-by-tenant management is time consuming and doesn’t scale. Resolution Intelligence Cloud adds multi-level multitenancy to your Google Chronicle instances. Log into Resolution Intelligence Cloud once to streamline rule- and parser-building, threat analytics, and event tracking across your entire base. Apply detection rules to all, some, or one tenant.

choose account-1

 

 

Security posture mapped to MITRE ATT&CK

Identify and remedy detection gaps with automated log mapping to the MITRE ATT&CK framework. ActOns display a MITRE mapping of the correlated events detected, giving you instant insights.

detection-coverage-against-threat-actors-1024x480 (1)