D3’s integration with Chronicle enables a combined analytic and investigative solution that can scale with no added cost. Chronicle is able to ingest data from across a client’s environment, including their detection tools, EPP, syslog, and more. It also aggregates information from third-party threat intelligence sources to help contextualize network activity. D3 can use this detailed intelligence to enrich alerts, while querying Chronicle for data to support advanced investigations.