
Resolution Intelligence Cloud

Foundation for Google Chronicle


Jumpstart Google Chronicle, accelerate time to value

Resolution Intelligence Foundation, the entry-level subscription plan for Resolution Intelligence Cloud™, lays the foundation for using security data at petabyte scale in Google Chronicle. Resolution Intelligence Cloud (all plans) uses Chronicle as its security data lake. You get all the functionality of Chronicle plus ease of use, content, and services for success at service-provider scale. Plus, you'll have the customer support you need to get started and succeed.

 

Harness the power of Chronicle with the usability of Resolution Intelligence Cloud

Chronicle is a powerful engine. Resolution Intelligence Foundation harnesses and operationalizes it with functionality that improves success and effectiveness, such as:

  • Multi-level multitenancy of Chronicle instances
  • Detection rule builder that simplifies YARA-L rule development
  • Rule and parser packs plus a content management system
  • Configurable dashboards and reports (built on BigQuery)
  • MITRE ATT&CK mapping

See details below. Plus, Netenrich provides implementation services, a customer success manager, and customer support for ongoing success. Upgrade anytime to Resolution Intelligence Cloud Analytics and Resolutions for intelligence, context, automation, and more to speed detection and response while up-leveling staff.


 


Netenrich Resolution Intelligence Cloud is on Google Cloud Marketplace.

 


Resolution Intelligence Cloud Foundation

Resolution Intelligence Cloud builds on the power of Google Chronicle. Capabilities listed below are available in Resolution Intelligence Cloud Foundation.

Data ingestion, search, retention
  • Chronicle: Ingestion at petabyte scale (multi-cloud, on-prem, data center). Unified Data Model (UDM). Super-fast search. Twelve months hot data.
  • Resolution Intelligence Foundation: All benefits of Chronicle plus pivot seamlessly from Foundation GUI to Chronicle to search and threat hunt.

Multitenancy
  • Resolution Intelligence Foundation: Purpose-built to manage multiple Chronicle tenants from one place. Cross-tenant visibility. Secured with role-based access control (RBAC) and SSO.

Detection rules
  • Chronicle: Write and edit rules in YARA-L.
  • Resolution Intelligence Foundation: GUI rule builder: create and edit YARA-L rules without code. Rules run directly in Chronicle. Includes rule testing.

Content management
  • Resolution Intelligence Foundation: Manage/package sets of rules for one or more Chronicle instances. Example: sets of rules for Compliance, or specifically for PCI Compliance.

Rule and parser packs
  • Chronicle: Comes with detection rules and parsers.
  • Resolution Intelligence Foundation: Additional rule and parser packs. Netenrich can, optionally, create custom rules and parsers.

Dashboards and reports
  • Chronicle: Default dashboards for analysis and reporting. Dashboards built on Looker and BigQuery.
  • Resolution Intelligence Foundation: Additional dashboards and reports plus no-code configurable dashboard builder on BigQuery. Run dashboards and reports on one, some, or all Chronicle tenants.

MITRE ATT&CK mapping
  • Chronicle: Google Cloud Threat Intelligence provides and manages a set of YARA-L rules to help customers identify threats to their enterprise.
  • Resolution Intelligence Foundation: Maps alerts to MITRE ATT&CK framework. Dashboards display MITRE ATT&CK tactics. At higher subscription levels, correlated alerts are mapped to MITRE ATT&CK for context in ActOns.

Threat intelligence
  • Chronicle: VirusTotal. Google Cloud Threat Intelligence (GCTI) customers get GCTI alerts.
  • Resolution Intelligence Foundation: Netenrich Threat Intelligence adds 3rd-party threat intel, vulnerability disclosures, reference lists of threat intelligence, advisories.

 

Data ingestion, search, retention
  • Chronicle: Security data ingestion (multi-cloud, data center, on-prem) at petabyte scale. Unified Data Model. Sub-second search. Twelve months hot data.
  • Resolution Intelligence Cloud Foundation: Pivot seamlessly from Foundation directly into the right Chronicle tenant to search and threat hunt.

Multi-level multitenancy
  • Resolution Intelligence Cloud Foundation: Purpose-built for service providers and enterprises that manage multiple tenants. Highly scalable deployment, visibility, and management across multiple Chronicle tenants.

Detection rules
  • Chronicle: Write and edit rules in YARA-L.
  • Resolution Intelligence Cloud Foundation: GUI detection rule builder: create and edit YARA-L rules without code. Rules run directly in Chronicle. Includes rule testing.

Content Management System
  • Resolution Intelligence Cloud Foundation: Create sets of rules for one or more Chronicle instances in one place. Examples: sets of rules specific to compliance or specifically PCI compliance. Service providers create and manage rule packs for their customers.

Rule and parser packs
  • Chronicle: Chronicle comes with a set of detection rules and parsers.
  • Resolution Intelligence Cloud Foundation: Additional detection rules and parser packs. Netenrich services can, optionally, create custom rules and parsers for you.

Dashboards and reports
  • Chronicle: Default dashboards for analysis and reporting. Reporting by converting to shareable file (PDF, Excel, CSV, etc.). Dashboards built on Looker and BigQuery.
  • Resolution Intelligence Cloud Foundation: Additional dashboards and reports. Modify those or create your own with our no-code, configurable dashboard builder built directly on BigQuery. It's faster and easier to use. Run reports on one, some, or all Chronicle tenants.

MITRE ATT&CK mapping
  • Chronicle: Google Cloud Threat Intelligence (GCTI) provides and manages a set of YARA-L rules to help customers identify threats to their enterprise.
  • Resolution Intelligence Cloud Foundation: Maps alerts to the MITRE ATT&CK framework. Dashboards display MITRE ATT&CK tactics. At higher subscription levels, see related alerts mapped to MITRE ATT&CK for context.

Threat intelligence
  • Chronicle: VirusTotal. Google Cloud Threat Intelligence (GCTI) customers get GCTI alerts.
  • Resolution Intelligence Cloud Foundation: Netenrich Threat Intelligence adds third-party threat intelligence, vulnerability disclosures, reference lists of threat intelligence, and advisories.


Jumpstart Google Chronicle and keep control of your SOC

We're here to help! Let's talk about how Netenrich can help you jumpstart Chronicle plus get multitenancy, rule and parser packs, real-time dashboards, implementation support, and much more with Resolution Intelligence Cloud.