Google Chronicle SOAR (Siemplify)
Google Chronicle is a well-known data analytics platform hosted on GCP. As the SIEM space moved to the cloud, Google’s security division entered the market and expanded into it. Like any other SIEM solution, it can collect data from any source, whether in local infrastructure or in the cloud.
Google Chronicle's detections range from context built using YARA-L rules to purpose-built detections and correlation with IoCs. Google Chronicle SOAR is a cloud solution and is now integrated into the Google Chronicle offering. Like Splunk, Google decided to buy a SOAR solution and integrate it into its offering, which is why you will often hear people refer to Google Chronicle SOAR as Siemplify. Because Siemplify was only a SOAR solution, Google Chronicle SOAR can integrate with third-party SIEMs and ingest alerts, incidents, and events.