Google Chronicle + D3 Morpheus
Connect Cloud-Based Detection to Cross-Platform Orchestration
Chronicle is a cloud-based threat detection solution built on Google cloud infrastructure. The integration between D3 Morpheus and Google Chronicle breaks down the barriers of siloed security tools and connects Chronicle to any other security tool in your environment.
Benefits and Capabilities
D3’s integration team takes the burden of integrations off your hands by building, maintaining, and upgrading the best possible connections between tools. We have studied Chronicle’s APIs and capabilities closely in order to provide a joint solution that surpasses Chronicle’s native SOAR integration. Benefits include:
- Fast and consistent response to Chronicle events with D3’s automated playbooks
- Increased speed and quality of triage
- Orchestrated enrichment and response across hundreds of other integrated tools
- Automated compliance and audit management
Use Case
Real-Time Threat Intelligence Enrichment and Response
D3 users can fetch a Chronicle event, parse out the IoCs, check their reputations, enrich the event with detailed threat intelligence, and create new security rules to monitor for any newly discovered threats. This automated, real-time approach allows cybersecurity teams to stay ahead of threats by continuously updating their defenses based on real-time threat intelligence and reputation assessments.
- Flag incoming IoCs to respond to emerging threats on your network
- Check IPs and domains against integrated threat intelligence databases
- Trigger nested playbooks to respond to discovered incidents
Use Case
Asset Vulnerability Assessment and Management
When a D3 user needs to assess the security posture of their digital assets and effectively manage vulnerabilities, they can query Chronicle to pull a list of all assets accessed by specific artifacts, conduct Unified Data Model search queries to analyze events related to those assets for any signs of compromise, and update alert settings to prioritize vulnerable assets. This use case enables the organization to continuously monitor and assess the security of its assets, ensuring that vulnerabilities are identified and managed promptly.
- Get lists of events on particular devices within a given time range to pinpoint vulnerabilities
- Identify unusual activities related to important assets
- Modify alert settings for specific rules in Chronicle
Why Morpheus?
Joint users of Google Chronicle and D3 Morpheus don’t just get real-time threat intelligence, response, and vulnerability management; they also get the countless other features that make Morpheus the leading AI SOC solution, including:
- Expert-built codeless integrations across the stack
- Tier 1–3 Automation, based on deep research into the capabilities of common tools
- Hyperpipe, which reduces alert volume by up to 98%
- Cross-dimension correlation, which acts across tools, timeframes, TTPs, and artifacts
Google Chronicle Integration: Summary
Integrations Done the Right Way
An unlimited number of pre-built integrations, expertly maintained by the largest technical team in security automation. Thoroughly researched, tested and built—and delivered for free. Always.