Strengthen security with more data & intelligence

Speed Chronicle time to value

Ingest all your security data. Chronicle is a powerful engine that stores data at petabyte scale with super-fast search. Resolution Intelligence Cloud uses Chronicle as its security data lake, then adds functionality that makes Chronicle easier to use and more useful: 

• Multi-level multitenancy of Chronicle instances with RBAC and SSO
• Content management system, rule and parser packs, GUI YARA-L rule builder
• MITRE ATT&CK gap analysis
• Implementation and customer support services

Detect what matters most

Does an unusual situation indicate malicious activity? What data is at risk — and how much does it matter? That depends on context. Resolution Intelligence Cloud provides the situational awareness and information analysts need to make the call and respond fast:

• Priority score based on impact, likelihood, and confidence
• Correlated alerts mapped to the MITRE ATT&CK matrix
• Event timelines
• Related asset and user data
• Super-fast search on hot security data for a year

Respond with context & collaboration

ActOns speed resolution with context at your fingertips. Click on any event to investigate at Google speed in Chronicle.

When resolution requires collaboration, create a War Room and invite authorized colleagues, other team members, customers, or third parties. Communications and actions are tracked so everyone has the transparency they need to move quickly. Optionally, take advantage of two-way ActOn integration with Chronicle SOAR (formerly Siemplify).

Resolution Intelligence Cloud correlates event data with global threat intelligence so you can get a headstart on threat containment.

Get insights across environments

When you manage multiple tenants, you need actionable insights that drive improvement and opportunities for all of them. Resolution Intelligence Cloud dashboards show metrics and trends across all, some, or any one end-customer. You can identify trends that need your attention. Plus, you can provide end-customers with visibility into metrics and trends that highlight the value you provide.

• No-code dashboard builder
• Multitenant analytics
• Analytics across all assets, clouds, data centers, etc.

Boost security with Threat Analytics Services

Supercharge your SOC with Netenrich Threat Analytics Services (TAS), offered as a subscription for Resolution Intelligence Cloud customers. The Netenrich Detection Engineering, Analytics, and Threat Hunting (DEATH) Labs team uses data, data analytics, machine learning, external intelligence, Resolution Intelligence Cloud, and their deep experience to find and thwart threats. Services include:

• Detailed threat hunting reports.
• Regular meetings with Netenrich security leaders about ways to strengthen your security posture.
• Detection, correlation, and enrichment tuning in Resolution Intelligence Cloud.

Protect your attack surface

Identify and mitigate the security risks of your dynamic attack surface with a comprehensive view of all digital assets. Resolution Intelligence Cloud:

• Continuously scans your network, including cloud environments, to identify any potential vulnerabilities that could be exploited. 
• Monitors external sources, such as the dark web, to detect indications of possible attacks.
• Assigns a risk score to each asset based on its potential exposure and criticality so you can focus on the most vulnerable and important assets.
• Sends real-time alerts of changes and new risks so you can respond quickly and prevent damage.