Transform security operations
Modernize your SOC to be dramatically more effective. Resolution Intelligence Cloud delivers insight from all your security telemetry data at Google scale and speed. Get intelligence and context to detect and respond to threats. Proactively protect your complex hybrid cloud infrastructure. Resolution Intelligence Cloud uses Google Chronicle as its security data lake for Google scale, sub-second search, and hot data for a year. Then it adds intelligence and functionality that make Chronicle more useful and easier to use for enterprise and service-provider SOC analysts.
Speed Chronicle time to value
Ingest all your security data. Chronicle is a powerful engine that stores data at petabyte scale with super-fast search. Resolution Intelligence Cloud uses Chronicle as its security data lake, then adds functionality that makes Chronicle easier to use and more useful:
- Multi-level multitenancy of Chronicle instances with RBAC and SSO
- Content management system, rule and parser packs, GUI YARA-L rule builder
- MITRE ATT&CK gap analysis
- Implementation and customer support services
Maximize effectiveness, minimize noise
Up-level everyone on the security team. Tackle the talent gap by automating tasks and minimizing noise that make SOC jobs so stressful.
Resolution Intelligence Cloud correlates alerts and provides extensive context, so analysts can do more high-value work — and save time. It automates tasks that don’t require humans in the loop to speed response.
Detect and respond to threats — fast
With too many security alerts, analysts need help identifying which ones to act on now. In addition to minimizing alert noise, Resolution Intelligence Cloud reveals patterns and unknowns with ActOns™. ActOns correlate important signals with relevant asset and user data. They're prioritized based on impact, likelihood, and confidence — representing risk to the business. So analysts know what to act on and have the right information.
Detect what matters most
Does an unusual situation indicate malicious activity? What data is at risk — and how much does it matter? That depends on context. Resolution Intelligence Cloud provides the situational awareness and information analysts need to make the call and respond fast:
- Priority score based on impact, likelihood, and confidence
- Correlated alerts mapped to the MITRE ATT&CK matrix
- Event timelines
- Related asset and user data
- Super-fast search on hot security data for a year
Respond with context & collaboration
ActOns speed resolution with context at your fingertips. Click on any event to investigate at Google speed in Chronicle.
When resolution requires collaboration, create a War Room and invite authorized colleagues, other team members, customers, or third parties. Communications and actions are tracked so everyone has the transparency they need to move quickly. Optionally, take advantage of two-way ActOn integration with Chronicle SOAR (formerly Siemplify).
Resolution Intelligence Cloud correlates event data with global threat intelligence so you can get a head start on threat containment.
Get insights across environments
When you manage multiple tenants, you need actionable insights that drive improvement and opportunities for all of them. Resolution Intelligence Cloud dashboards show metrics and trends across all, some, or any one end-customer. You can identify trends that need your attention. Plus, you can provide end-customers with visibility into metrics and trends that highlight the value you provide.
- No-code dashboard builder
- Multitenant analytics
- Analytics across all assets, clouds, data centers, etc.
Boost security with Threat Analytics Services
Supercharge your SOC with Netenrich Threat Analytics Services (TAS), offered as a subscription for Resolution Intelligence Cloud customers. The Netenrich Detection Engineering, Analytics, and Threat Hunting (DEATH) Labs team uses data, data analytics, machine learning, external intelligence, Resolution Intelligence Cloud, and their deep experience to find and thwart threats. Services include:
- Detailed threat hunting reports.
- Regular meetings with Netenrich security leaders about ways to strengthen your security posture.
- Detection, correlation, and enrichment tuning in Resolution Intelligence Cloud.
Protect your attack surface
Identify and mitigate the security risks of your dynamic attack surface with a comprehensive view of all digital assets. Resolution Intelligence Cloud:
- Continuously scans your network, including cloud environments, to identify any potential vulnerabilities that could be exploited.
- Monitors external sources, such as the dark web, to detect indications of possible attacks.
- Assigns a risk score to each asset based on its potential exposure and criticality so you can focus on the most vulnerable and important assets.
- Sends real-time alerts of changes and new risks so you can respond quickly and prevent damage.