The global platform for making sense of your security telemetry data.
Chronicle is a global security telemetry platform for investigation and threat hunting within your enterprise network. Chronicle makes security analytics instant, easy, and cost-effective. Chronicle is a specialized, cloud-native security analytics system, built on the core infrastructure that powers Google itself.
Modern threat detection
YARA-L for detecting modern malware-based threats.
Hunt at Google speed
Subsecond searches against petabytes of data.
Intelligent data fusion
Timelines and enriched data model for investigation and detection.
Full security telemetry retention, analysis at a fixed, predictable cost.
Discover the power of the Chronicle platform.
Get unparalleled telemetry storage for a fixed price.
Built on core Google infrastructure, Chronicle gives you an infinitely elastic container for storing your enterprise security telemetry.
Chronicle is not charged on data volume, meaning you can afford to keep every bit of security data you generate.
Easy to manage
Chronicle makes it easy to manage a multi-petabyte analytics system.
In an investigation, access to years of telemetry can mean the difference between clear answers and hoping for the best.
Unique, embedded threat signals help you find issues immediately.
Built-in threat signals
Sourced by Chronicle’s security engineering team, Uppercase threat signals are embedded right in the Chronicle platform.
Global data, local results
Uppercase signals are based on a mix of proprietary data sources, public intelligence feeds, and other information.
Smarter over time
Powered by Uppercase, Chronicle spots signals immediately and only gets smarter as you upload more telemetry.
Boost your productivity with strategic automation.
Chronicle can handle petabytes of data, automatically.
Automatic analysis helps your analysts understand suspicious activity in seconds, not hours.
Automatic threat detection
Chronicle’s automated analysis engine correlates intelligence from global sources like VirusTotal with your own network and endpoint activity to find both known and late-breaking threats.