Jumpstart Google Chronicle, accelerate time to value
Resolution Intelligence Foundation, the entry-level subscription plan for Resolution Intelligence Cloud™, lays the foundation for using security data at petabyte scale in Google Chronicle. Resolution Intelligence Cloud (all plans) uses Chronicle as its security data lake. You get all the functionality of Chronicle plus ease of use, content, and services for success at service-provider scale. Plus, you'll have the customer support you need to get started and succeed.
Harness the power of Chronicle with the usability of Resolution Intelligence Cloud
Chronicle is a powerful engine. Resolution Intelligence Foundation harnesses and operationalizes it with functionality that improves success and effectiveness, such as:
- Multi-level multitenancy of Chronicle instances
- Detection rule builder that simplifies YARA-L rule development
- Rule and parser packs plus a content management system
- Configurable dashboards and reports (built on BigQuery)
- MITRE ATT&CK mapping
See details below. Plus, Netenrich provides implementation services, a customer success manager, and customer support for ongoing success. Upgrade anytime to Resolution Intelligence Cloud Analytics and Resolutions for intelligence, context, automation, and more to speed detection and response while up-leveling staff.
Capability | Chronicle | Resolution Intelligence Foundation |
---|---|---|
Data ingestion, search, retention | Ingestion at petabyte scale (multi-cloud, on-prem, data center). Unified Data Model (UDM). Super-fast search. Twelve months hot data. | All benefits of Chronicle plus pivot seamlessly from Foundation GUI to Chronicle to search and threat hunt. |
Multitenancy | | Purpose-built to manage multiple Chronicle tenants from one place. Cross-tenant visibility. Secured with role-based access control (RBAC) and SSO. |
Detection rules | Write and edit rules in YARA-L. | GUI rule builder: create and edit YARA-L rules without code. Rules run directly in Chronicle. Includes rule testing. |
Content management | | Manage/package sets of rules for one or more Chronicle instances. Example: sets of rules for Compliance, or specifically for PCI Compliance. |
Rule and parser packs | Comes with detection rules and parsers. | Additional rule and parser packs. Netenrich can, optionally, create custom rules and parsers. |
Dashboards and reports | Default dashboards for analysis and reporting. Dashboards built on Looker and BigQuery. | Additional dashboards and reports plus no-code configurable dashboard builder on BigQuery. Run dashboards and reports on one, some, or all Chronicle tenants. |
MITRE ATT&CK mapping | Google Cloud Threat Intelligence provides and manages a set of YARA-L rules to help customers identify threats to their enterprise. | Maps alerts to MITRE ATT&CK framework. Dashboards display MITRE ATT&CK tactics. At higher subscription levels, correlated alerts are mapped to MITRE ATT&CK for context in ActOns. |
Threat intelligence | VirusTotal. Google Cloud Threat Intelligence (GCTI) customers get GCTI alerts. | Netenrich Threat Intelligence adds 3rd-party threat intel, vulnerability disclosures, reference lists of threat intelligence, advisories. |

Capability | Chronicle | Resolution Intelligence Cloud Foundation |
---|---|---|
Data ingestion, search, retention | Security data ingestion (multi-cloud, data center, on-prem) at petabyte scale. Unified Data Model. Sub-second search. Twelve months hot data. | Pivot seamlessly from Foundation directly into the right Chronicle tenant to search and threat hunt. |
Multi-level multitenancy | | Purpose-built for service providers and enterprises that manage multiple tenants. Highly scalable deployment, visibility, and management across multiple Chronicle tenants. |
Detection rules | Write and edit rules in YARA-L. | GUI detection rule builder: create and edit YARA-L rules without code. Rules run directly in Chronicle. Includes rule testing. |
Content Management System | | Create sets of rules for one or more Chronicle instances in one place. Examples: sets of rules specific to compliance or specifically PCI compliance. Service providers create and manage rule packs for their customers. |
Rule and parser packs | Chronicle comes with a set of detection rules and parsers. | Additional detection rules and parser packs. Netenrich services can, optionally, create custom rules and parsers for you. |
Dashboards and reports | Default dashboards for analysis and reporting. Reporting by converting to shareable file (PDF, Excel, CSV, etc.). Dashboards built on Looker and BigQuery. | Additional dashboards and reports — modify those or create your own with our no-code, configurable dashboard builder built directly on BigQuery. It's faster and easier to use. Run reports on one, some, or all Chronicle tenants. |
MITRE ATT&CK mapping | Google Cloud Threat Intelligence (GCTI) provides and manages a set of YARA-L rules to help customers identify threats to their enterprise. | Maps alerts to the MITRE ATT&CK framework. Dashboards display MITRE ATT&CK tactics. At higher subscription levels, see related alerts mapped to MITRE ATT&CK for context. |
Threat intelligence | VirusTotal. Google Cloud Threat Intelligence (GCTI) customers get GCTI alerts. | Netenrich Threat Intelligence adds third-party threat intelligence, vulnerability disclosures, reference lists of threat intelligence, and advisories. |
Jumpstart Google Chronicle and keep control of your SOC
We're here to help! Let's talk about how Netenrich can help you jumpstart Chronicle plus get multitenancy, rule and parser packs, real-time dashboards, implementation support, and much more with Resolution Intelligence Cloud.