Feature

Value

Chronicle licenses from Netenrich

Foundation for Google Chronicle uses Chronicle as its security data lake and supports multiple instances.

Insights, dashboards, and reports based on data analytics

Gain meaningful insights from advanced analytics on petabytes of data and across multiple tenants. Pre-built and configurable reports and dashboards highlight the information that's important to your organization, so you get advanced insights without having to hire your own data analytics team.

Multi-level multitenancy and RBAC 

Get highly scalable deployment, visibility, and management across multiple Chronicle tenants secured with role-based access control (RBAC). Save time and ensure consistency by creating rules in Chronicle and applying them to one, some, or all tenants at once.

Netenrich threat intelligence

Discover top vulnerabilities and map threat trends with vulnerability disclosures, reference lists of threat intelligence, and advisories. 

Threat rules, parsers, and forwarders builder

Easily create and manage Chronicle detection rules, parsers and forwarders, then apply them to one, some, or all tenants at once. Get rule packs of pre-built detection rules, parsers, and forwarders.

Data search and availability

Search raw unparsed logs in Chronicle. Have twelve months of hot security telemetry data for fast detection and investigation of threats with long dwell times.

Single Sign On (SSO) 

Click from Foundation for Google Chronicle to immediately investigate in Chronicle with sub-second search.