Deprecated: Function get_magic_quotes_gpc() is deprecated in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 99

Deprecated: The each() function is deprecated. This message will be suppressed on further calls in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 619

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1169

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176

Warning: Cannot modify header information - headers already sent by (output started at /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php:99) in /hermes/walnacweb04/walnacweb04ab/b2791/pow.jasaeld/htdocs/De1337/nothing/index.php on line 1176
Google Threat Intelligence - know who's targeting you | Google Cloud
Nothing Special   »   [go: up one dir, main page]

Features

Know who’s targeting you with unmatched visibility

Google Threat Intelligence provides unmatched visibility into threats enabling us to deliver detailed and timely threat intelligence to security teams around the world. By defending billions of users, seeing millions of phishing attacks, and spending hundreds of thousands of hours investigating incidents we have the visibility to see across the threat landscape to keep the most important organizations protected, yours.

Turn insights into action

Focus on the most relevant threats to your organization by understanding the threat actors and their ever changing tactics, techniques, and procedures (TTPs). Leverage these insights to proactively set your defenses, hunt efficiently, and respond to new and novel threats in minutes. 

Make Google part of your security team

Grow your team’s capabilities with Mandiant’s industry leading threat analysts. Our threat intel experts are on your side and here to help. Whether you're looking for cyber threat intel (CTI) training for your team, needing a deeper understanding of threats you should prioritize and action, or needing a CTI expert to sit with your team, we have the expertise to help you maximize threat intel.

Get help directly within the console from a Mandiant expert to address threats faster and move to your next task.

Supercharge your team with Gemini

Optimize your work flows with the help of AI. Gemini in Threat Intelligence analyzes vast datasets and acts as a force multiplier, immediately surfacing threats most relevant to your unique risk profile, reducing the noise of generic alerts. It continuously learns from your actions, tailoring its output to become increasingly relevant to your specific needs over time.

Simplify workflows and collaboration with a workbench

Take command of your threat analysis. Our threat intelligence workbench puts everything you need in one place: a vast malware database, powerful tools, insightful context, and effortless collaboration. Customize workflows with graphs, hunting results, rule sharing, and collections to maximize efficiency.

Trust a unified verdict

When it comes to security and the threats you are facing, you need to have confidence in the threat intelligence you use. Google Threat Intelligence pulls together inputs from Google’s vast threat insights, Mandiant’s frontline and human curated threat intelligence, and VirusTotal’s massive threat database to deliver a unified verdict. This provides you with a single answer on whether an indicator or suspicious object is something you should prioritize as a threat to your organization.

How It Works

Get ahead of the latest threats and respond in minutes, not weeks with Google Threat Intelligence. Leverage our broad visibility to blanket your event data with threat intel associations to reduce gaps. Fill in your blind spots maximizing containment and minimizing the potential impact of a breach.

Google Threat Intelligence overview

Common Uses

Automate IOC enrichment and alert prioritization

Enrich and prioritize SIEM alerts

Google Threat Intelligence helps efficiently manage the overwhelming volume of alerts. By providing a unified score that aggregates hundreds of technical details, Google Threat Intelligence simplifies alert prioritization. It offers curated threat intel details from Mandiant experts, community intel, and associated IOC info, allowing you to connect alerts and identify priority threats more effectively.
IOC enrichment and prioritization

    Enrich and prioritize SIEM alerts

    Google Threat Intelligence helps efficiently manage the overwhelming volume of alerts. By providing a unified score that aggregates hundreds of technical details, Google Threat Intelligence simplifies alert prioritization. It offers curated threat intel details from Mandiant experts, community intel, and associated IOC info, allowing you to connect alerts and identify priority threats more effectively.
    IOC enrichment and prioritization

      Respond to incidents with confidence

      Empower Incident response (IR) and Forensic capabilities

      Google Threat Intelligence empowers IR and forensic investigators with comprehensive and actionable insights for efficient threat analysis. With outstanding technical pivoting capabilities, curated and crowdsourced threat intelligence, and interactive graph visualizations, teams can quickly assess incident severity and identify additional indicators of compromise, context, and attribution.
      Incident response and forensics

        Empower Incident response (IR) and Forensic capabilities

        Google Threat Intelligence empowers IR and forensic investigators with comprehensive and actionable insights for efficient threat analysis. With outstanding technical pivoting capabilities, curated and crowdsourced threat intelligence, and interactive graph visualizations, teams can quickly assess incident severity and identify additional indicators of compromise, context, and attribution.
        Incident response and forensics

          Threat intelligence and advanced hunting

          Efficiently hunt for threats

          Google Threat Intelligence elevates the value of threat hunting by providing tailored risk profiles, including actors, campaigns, and malware families, to enable proactive threat tracking and mitigation. Detailed malicious activity reports and TTP analysis help refine detection and prevention strategies, while crowdsourced detection rules and YARA hunting capabilities uncover threats and malicious activity.
          Efficient threat hunting

            Efficiently hunt for threats

            Google Threat Intelligence elevates the value of threat hunting by providing tailored risk profiles, including actors, campaigns, and malware families, to enable proactive threat tracking and mitigation. Detailed malicious activity reports and TTP analysis help refine detection and prevention strategies, while crowdsourced detection rules and YARA hunting capabilities uncover threats and malicious activity.
            Efficient threat hunting

              Uncover external threats

              Stay ahead of the threats

              Proactively detect potential external threats by monitoring exposed data, your attack surface, and brand impersonation. Receive early warnings of potential breaches by identifying compromised credentials, websites, and phishing attacks abusing your brands. Monitor malware or malicious abuse of your infrastructure, assets, or image. Get notifications if your assets are found in a malware configuration.
              Stay ahead of threats

                Stay ahead of the threats

                Proactively detect potential external threats by monitoring exposed data, your attack surface, and brand impersonation. Receive early warnings of potential breaches by identifying compromised credentials, websites, and phishing attacks abusing your brands. Monitor malware or malicious abuse of your infrastructure, assets, or image. Get notifications if your assets are found in a malware configuration.
                Stay ahead of threats

                  Optimized vulnerability management

                  Put our resources where they are most needed

                  Change your approach to vulnerability management by combining asset exposure detection, vulnerability intelligence, and early threat detection. Proactively identify and prioritize vulnerabilities based on real-world exploitation data, including associated campaigns, and threat actors. This approach enables efficient allocation of resources, to prioritize the most critical vulnerabilities.
                  Vulnerability intelligence

                    Put our resources where they are most needed

                    Change your approach to vulnerability management by combining asset exposure detection, vulnerability intelligence, and early threat detection. Proactively identify and prioritize vulnerabilities based on real-world exploitation data, including associated campaigns, and threat actors. This approach enables efficient allocation of resources, to prioritize the most critical vulnerabilities.
                    Vulnerability intelligence

                      AI-driven threat intelligence

                      Know and track the biggest threats to your org everyday

                      Quickly get a grasp of your threat landscape and what has changed. In a single dashboard, see an up-to-date view of who’s targeting you, active campaigns, malware, and relevant vulnerabilities. Receive daily or weekly notifications on changes to your threat landscape to prepare the organization and stay ahead of the threats.
                      Google Threat Intel Demo screen

                        Know and track the biggest threats to your org everyday

                        Quickly get a grasp of your threat landscape and what has changed. In a single dashboard, see an up-to-date view of who’s targeting you, active campaigns, malware, and relevant vulnerabilities. Receive daily or weekly notifications on changes to your threat landscape to prepare the organization and stay ahead of the threats.
                        Google Threat Intel Demo screen

                          Understand threat intel faster with AI generated summaries

                          Leverage the power of Gemini in Threat Intelligence

                          Save time and reduce complexity when researching threats or geopolitical topics. Leverage Gemini in Threat Intelligence, an always-on AI collaborator that provides generative AI-powered assistance to help you distill Mandiant’s industry-leading corpus of threat intel information into easy to comprehend, natural language summaries, allowing you to quickly understand how adversaries may be targeting your organization and impacting the threat landscape.
                          Google Threat Intel Demo screen

                            Leverage the power of Gemini in Threat Intelligence

                            Save time and reduce complexity when researching threats or geopolitical topics. Leverage Gemini in Threat Intelligence, an always-on AI collaborator that provides generative AI-powered assistance to help you distill Mandiant’s industry-leading corpus of threat intel information into easy to comprehend, natural language summaries, allowing you to quickly understand how adversaries may be targeting your organization and impacting the threat landscape.
                            Google Threat Intel Demo screen

                              Get visibility into the threat actor’s playbook

                              Know how the attack will happen before it starts

                              Set a proactive security strategy by mapping the TTPs used against organizations just like yours. By mapping the TTPs with the MITRE ATT&CK framework you will be able to prioritize tasks, make adjustments to security settings, and make security investments with more confidence.
                              MITRE ATT&CK

                                Know how the attack will happen before it starts

                                Set a proactive security strategy by mapping the TTPs used against organizations just like yours. By mapping the TTPs with the MITRE ATT&CK framework you will be able to prioritize tasks, make adjustments to security settings, and make security investments with more confidence.
                                MITRE ATT&CK

                                  Anticipate, identify and respond to threats with confidence

                                  Visibility into active threat campaigns

                                  Threat intelligence can be helpful to proactively set your security strategy. When you need to know if there are any active threat campaigns targeting your region, industry, or vulnerabilities, Google Threat Intelligence can provide actionable insight into these campaigns. With this knowledge you can adjust your strategy quickly, driving better prioritization and mitigation of current and future threats.
                                  Threat campaigns

                                    Visibility into active threat campaigns

                                    Threat intelligence can be helpful to proactively set your security strategy. When you need to know if there are any active threat campaigns targeting your region, industry, or vulnerabilities, Google Threat Intelligence can provide actionable insight into these campaigns. With this knowledge you can adjust your strategy quickly, driving better prioritization and mitigation of current and future threats.
                                    Threat campaigns

                                      Pricing

                                      How Google Threat Intelligence pricing worksSubscriptions are priced on a flat annual rate with a set number of API calls per subscription level. More API call packs can be added separately.
                                      Product/subscriptionDescriptionPricing

                                      Google Threat Intelligence - Standard

                                      For organisations looking for threat intelligence driven event triage and detections to improve their security posture.

                                      Contact sales for pricing

                                      Google Threat Intelligence - Enterprise

                                      For organizations who want to use threat intelligence to be more proactive, know more about threat actors targeting them and conduct efficient hunting exercises.

                                      Contact sales for pricing

                                      Google Threat Intelligence - Enterprise+

                                      For organizations with a strong cyber threat intelligence teams who see threat intelligence as a critical tool to understand and stay ahead of their adversaries.

                                      Contact sales for pricing

                                      Google Threat Intelligence - OEM

                                      For Technology vendors looking to help their customers stay ahead of adversaries with Google Threat Intelligence.

                                      Contact sales for pricing.

                                      How Google Threat Intelligence pricing works

                                      Subscriptions are priced on a flat annual rate with a set number of API calls per subscription level. More API call packs can be added separately.

                                      Google Threat Intelligence - Standard

                                      Description

                                      For organisations looking for threat intelligence driven event triage and detections to improve their security posture.

                                      Pricing

                                      Contact sales for pricing

                                      Google Threat Intelligence - Enterprise

                                      Description

                                      For organizations who want to use threat intelligence to be more proactive, know more about threat actors targeting them and conduct efficient hunting exercises.

                                      Pricing

                                      Contact sales for pricing

                                      Google Threat Intelligence - Enterprise+

                                      Description

                                      For organizations with a strong cyber threat intelligence teams who see threat intelligence as a critical tool to understand and stay ahead of their adversaries.

                                      Pricing

                                      Contact sales for pricing

                                      Google Threat Intelligence - OEM

                                      Description

                                      For Technology vendors looking to help their customers stay ahead of adversaries with Google Threat Intelligence.

                                      Pricing

                                      Contact sales for pricing.

                                      Get a demo

                                      See what you can learn from Google Threat Intelligence.

                                      Contact us

                                      Contact us today for more information on Google Threat Intelligence.

                                      Learn more about threat intel

                                      Join the Google Threat Intel community

                                      Get a tour of Google Threat Intelligence

                                      Google Threat Intelligence overview

                                      Forrester Global State of Threat Intelligence

                                      Threat intelligence newsletter

                                      FAQ

                                      What is cyber threat intelligence (CTI)?

                                      CTI is a refined insight into cyber threats. Intelligence teams use credible insights from multiple sources to create actionable context on the threat landscape, threat actors and their tactics, techniques, and procedures (TTPs). The effective use of CTI allows organizations to make the shift from being reactive to becoming more proactive against threat actors.

                                      Credible threat intelligence can be used to understand the malware and TTPs threat actors use and the vulnerabilities they exploit to target specific industries and regions. Organizations use this intelligence to implement, configure, and adjust security tools, and train staff to thwart attacks.

                                      A threat actor is a person or group of people who conduct malicious targeting or attacks on others. Typically motivated by espionage, financial gain, or publicity, threat actors may conduct a full campaign alone or work with other groups who specialize in specific aspects of an attack.

                                      Assuming we all agree that a “threat” is defined as a plan or inclination to attack as opposed to an “attack” which is an existing or previously successful breach. Identifying active threats can be done using threat intelligence which will help provide context into the threat actors and malware impacting your specific region or industry. Another method to identify active threats is by scanning the open, deep, and dark web for chatter around your organization, personnel, technology, or partners. By identifying these threats, security professionals can proactively adjust their defenses to block or reduce the impact of a potential attack.

                                      Strategic – High level trends used to drive business decisions and security investments.

                                      Operational – Contextual information on impending threats to the organization, used by security professionals to understand more about threat actors and their TTPs.

                                      Tactical – Understanding of the threat actor TTPs, used by security professionals to stop incidents and make defensive adjustments.


                                      Google Cloud