Highlights:

  • Google Cloud announced the public release of Curated Detections, a new threat intelligence service inside the Chronicle SecOps package.
  • Curated Detections will be an additional cybersecurity solution backed by the Google product ecosystem for organizations, with the potential to compete with Microsoft’s new intelligence offering.

As the threat landscape grows more complicated and security teams’ environments sprawl to keep pace, an increasing number of businesses are seeking to accomplish more with less.

Threat intelligence is an effective tool that enables this by giving insight into the tactics, techniques, and procedures (TTPs) most commonly used by cybercriminals.

In response, Google Cloud announced the public release of Curated Detections, a new threat intelligence service inside the Chronicle SecOps package.

The solution will offer security teams detections produced by the Google Cloud Threat Intelligence (GCTI) team, enabling more visibility into Windows-based threats, GCP cloud attacks, and misconfigurations with less human administration.

For enterprises, Curated Detections will be an additional cybersecurity solution backed by the Google product ecosystem, with the potential to compete with Microsoft’s new intelligence offering.

A deeper look at curated detections

Outside of Google’s offering, “curated detections” are portions of threat intelligence created by a third-party supplier. These detections are intended to filter out some of the noise and help security teams identify the information of the highest value.

“The use of curated detections in threat intelligence provides practitioners with a greater level of trust in the information and enables them to make quicker decisions.” This particular form of threat intelligence appears to be more ‘real.’ According to Brian Wrozek, principal analyst at Forrester, it is simpler to comprehend for audiences that are not familiar with cybersecurity.

According to Wrozek, this information can be used to determine whether or not a company has been hacked, whether or not security measures are adequate, which vulnerabilities should be patched first, and how to adapt their overall security strategy.

Erik Most, a senior analyst at Forrester, believes that Google may progress further in the market by opening up its intelligence offering. However, the launch of Curated Detections will provide a new solution to the demand for threat intelligence.

According to Most, “I think that they may influence the market if they made this information available for non-Chronicle customers, in addition to the chance that further threat data from their ongoing acquisition of Mandiant will be made available.”

The threat intelligence market

The announcement comes at a time when the threat intelligence industry is witnessing growth. According to Future Market Insights, the total demand for intelligence is expected to expand from USD 8.8 billion in 2021 to USD 39.7 billion by 2031.

Google Cloud competes with a wide variety of suppliers, one of which is Microsoft, which recently introduced a new intelligence product called Microsoft Defender Threat Intelligence.

Microsoft Defender Threat Intelligence is a system that offers access to Microsoft’s security data signals while also helping detect cyber threats in real time. The company monitors 35 ransomware families, 250 nation-states, and 43 trillion security signals daily.

Recorded Future is yet another major competitor in the industry. It provides a platform that uses natural language processing and machine learning to evaluate and map relationships across billions of threat intelligence entities in real time.

In 2019, Insight Partners paid USD 780 million to purchase Recorded Future. The previous year, Recorded Future announced the formation of a USD 20 million intelligence fund targeted toward early-stage startup companies.

Although it is still in its infancy, Curated Detections stands out from competing products and services on the market because of its connections to the Google Cloud ecosystem and the Chronicle SecOps suite.