Google Security Operations Reviews & Insights

Google Security Operations actually replaces our company old SIEM solution. The new UDM feature actually changes the way anyone can query the logs and get high quality co-relation.

If you have lots of log sources across different solutions. Then UDM co-relation is a game changer and well suited for you. IF you close and document all the incident report in SIEM then it's not good for you.

Siemplify, now part of Google Cloud is implemented in our IT department to inspect and visualize data to identify breaches and automate manual processes. The automation of processes has minimized the time we need to inspect and fix up security problems. It provides us with a sole pane of glass for SOC to work out of. We scale and carry out a lot of out-of-the-box integrations with multiple software across the single pane of glass.

Siemplify has a structure that is effective for supporting all types of automation and orchestration wants. It is generally designed to give security analysts an easier time; it sends group alerts that categorized according to IP. Provides customized playbooks that we have redesigned to fit the needs of our organization and they provide high quality triage.

We are using Siemplify as out SOAR platform and this has really help us identify all the security events and alerts across the organization.I love the fact how this allows to create custom integrations and connectors when required. The playbook is very handy and how it allows to quickly triage the alerts and also has an option to add threat intelligence prior to analyzing that particular event.

This has an option to integrate with wide range of services and modules. We were successfully able to connect with our firewalls, WAF, network devices, Intrusion detection systems (IDS) and intrusion prevention systems (IPS) along with servicenow to create a ticket and assign it to respective owners to analysis.