
We are pleased to announce that D3 has joined Chronicle’s network of technology partners as an Index Partner. Chronicle will also join the D3 CONNECT partner program. The partnership will be supported by a robust integration between D3’s next-generation SOAR platform and Chronicle’s cloud-based security analytics platform.
In addition to the obvious complementary nature of our platforms, D3 and Chronicle also share a commitment to fair and cost-effective licensing structures. Neither of our solutions charges users extra for ingesting more data or executing more workflows. This provides a significant advantage to:
Integrating D3 and Chronicle enables a combined analytic and investigative solution that can scale with no added cost. Chronicle is able to ingest data from across a customer’s environment, including their SIEM, endpoint tool, syslog, and more. It also aggregates information from third-party threat intelligence sources to help contextualize network activity. Chronicle normalizes, indexes, correlates, and analyzes that data to create curated dashboards that help security analysts identify and make sense of suspicious activity in their environment.
Joint users will be able to enrich alerts in D3 with Chronicle data, giving them valuable intelligence related to indicators like IP addresses and domains. Chronicle enrichment can be added to D3’s codeless playbooks as a drag-and-drop automated action. D3 can then orchestrate the appropriate response to the threat across the entire environment. The integration will take advantage of the full suite of API calls offered by Chronicle, ensuring that the joint solution has maximal functionality.
D3’s ability to reveal adversary behaviors by correlating events with the MITRE ATT&CK framework can be used to further enrich events. During complex investigations, the ATT&CK framework will help users uncover the extent of the attack and any related events. This information can be used to narrow down searches for additional information in Chronicle.
The joint solution of D3 and Chronicle will bring benefits to a wide range of organizations, including:
As our partnership develops, keep an eye out for more content about using D3 and Chronicle together to bolster your security operations. If you want to learn more about D3 SOAR, why not check out this two-minute video about our codeless playbooks.