Skip to the main content.
Partner Programs
Technology Partners
Featured Report




Accelerate time to value

Get a demo
Analytics Dashboard Netenrich-11

Resolution Intelligence Cloud Foundation

Resolution Intelligence Cloud (all plans) accelerates time to value. You get all the functionality of a data lake plus ease of use, content, and services for success at service-provider scale.

Resolution Intelligence Foundation, the entry-level subscription plan for Resolution Intelligence Cloud™, lays the foundation for using security data at petabyte scale. Netenrich provides implementation services, a customer success manager, and customer support for ongoing success.  See details below.

Configuration Screenshots-1


Amp up functionality and effectiveness

Resolution Intelligence Foundation makes a powerful engine more powerful by adding functionality to improve success and effectiveness.

  • Multi-level multitenancy
  • Detection rule builder that simplifies YARA-L rule development
  • Rule and parser packs plus a content management system
  • Configurable dashboards and reports (built on Big Query)
  • MITRE ATT&CK mapping, gap analysis
  • Blazing fast setup: Read the case study and see the how-to videos.


RIC Foundation Graphic Title sans Support


Get more from your investment

Gain insights across all tenants

Use Foundation to leverage built-in dashboards or the no-code dashboard builder to create your own so you can spot trends across all, some, or any one of your end customers. 

Create rule content packs

Foundation adds a content management system, so you can create content packs (sets of detection rules) for any or all tenants.

Reveal missing log coverage

Foundation reveals gaps in log coverage on a MITRE ATT&CK matrix. Choose known threats to overlay their tactics and techniques on the matrix to see where you're vulnerable.

Resolution Intelligence Cloud Foundation
Resolution Intelligence Cloud takes capabilities to the next level.
Resolution Intelligence Cloud Foundation provides
Data ingestion, search, retention
Security data ingestion from virtually any source (multi-cloud, data center, on-prem) at petabyte scale. Unified Data Model enables search at sub-second speeds, and you can search raw unparsed logs. Twelve months of hot security telemetry data. With single Sign On (SSO), you can also pivot seamlessly from Resolution Intelligence Cloud to Chronicle for search and threat hunting.
Multi-level multitenancy
Purpose-built for service providers and enterprises that manage multiple tenants, Resolution Intelligence Cloud Foundation provides highly scalable deployment, visibility, and management across multiple tenants secured with role-based access control (RBAC) and SSO.
Detection rules
GUI detection rule builder so you can create and edit YARA-L rules without code — a huge time saver for most people. Includes rules testing. Content Management System for managing rules and applying to all, some, or one tenant.
Rule and parser packs
Foundation comes with additional detection rules and parser packs to what Chronicle offers. Netenrich services can, optionally, create custom rules and parsers for you.
Dashboards and reports
Chronicle has default dashboards for analysis and reporting. Reporting is available by converting a dashboard to a shareable file (PDF, Excel, CSV, etc.). Dashboards are built on Looker (visualization layer) and BigQuery (data layer). With Foundation, you get additional dashboards and reports — modify those or create your own with our no-code, configurable dashboard builder built directly on BigQuery. It's faster and easier to use. Run reports on one, some, or all tenants.
MITRE ATT&CK mapping
Google Cloud Threat Intelligence (GCTI) provides and manages a set of YARA-L rules to help identify threats. Foundation maps alerts to the MITRE ATT&CK framework, providing context and making it easier to detect and respond. Foundation reveals gaps where you lack log coverage. At higher subscription levels, Resolution Intelligence Cloud shows patterns of related alerts mapped to MITRE ATT&CK to provide even more context.
Threat intelligence
Chronicle includes VirusTotal, and Chronicle customers who are Google Cloud Threat Intelligence (GCTI) customers get GCTI alerts. Netenrich Threat Intelligence adds third-party threat intelligence, vulnerability disclosures, reference lists of threat intelligence, and advisories.
Content Management System
Manage sets of rules for one or more instances. For example, group sets of rules that belong together, such as compliance rules, or even sets of rules specific to a type of compliance like PCI, HIPAA, and GDPR. Service providers can then create and manage rule packs for their customers who need them.
Trusted by
google_logo MultiCare logo Sada logo Cybriant logo Carahsoft logo Blue Mantis logo CDI Logo agiliti_logo UDT Logo Trace3 logo

Take control of your SOC

Let's talk about how Netenrich and Resolution Intelligence Cloud can help.