Google Chronicle Suite Reviews

Google Chronicle Suite has significantly improved our organization's cybersecurity efforts. While working on a Threat Intelligence Platform to automate security processes, we found that Chronicle's quick data analysis using BigQuery sets it apart. Unlike other tools, it allows us to fetch and analyze logs within seconds, making our SOC processes more efficient. This speed is crucial for automating tasks and predicting potential cyber threats. Chronicle's seamless integration with BigQuery has streamlined our development efforts and advanced our threat intelligence capabilities.

The best thing about Google Chronicle Suite, especially for someone like me who analyzes security incidents, is how fast it fetches results. When dealing with real-time cyber threats, you need information quickly to respond within minutes. Waiting for data for an hour is just not practical. Chronicle's speed in getting the information I need is its most valuable feature, helping us stay on top of things and respond swiftly to potential security issues. Additionally, what sets Chronicle apart from other solutions is its emphasis on threat hunting rather than solely serving as a monitoring tool. This unique feature enables us to proactively identify and investigate potential threats, making it a preferred choice for our organization. The ability to swiftly navigate and analyze extensive datasets without significant delays makes Chronicle a robust solution for enhancing our cybersecurity efforts.

In terms of improvement, the UI can be a bit challenging for beginners. It might take some time for newcomers to grasp the queries and filtering process.

I have been using Google Chronicle Suite for a year.

I would rate the stability of the solution as a nine out of ten.

In terms of scalability and data ingestion, Chronicle performs well, allowing for efficient handling of large volumes of data. Despite the multi-tenancy limitation, its robust scalability makes it effective for organizations dealing with substantial data flows and ingestion requirements.

I would rate the support as an eight out of ten. While it is generally good, it takes some time for them to respond.

Positive

We transitioned from using IBM QRadar to Google Chronicle Suite. The shift was made by our organization's development of a Threat Intelligence Platform, where speed in handling queries and rapid data retrieval was crucial. Google Chronicle was one of the best options for meeting these specific requirements.

Setting up Google Chronicle Suite was pretty straightforward with clear guidelines in place. About eight people were part of the deployment, with around sixty-seven working on different tasks like creating rules, onboarding, and monitoring. The whole process took about six to seven days.

The pricing of Google Chronicle Suite is relatively average, but it can become costly for larger organizations, especially if they also opt for additional platforms like Simplify.

I find Google Chronicle to be a valuable asset for cybersecurity, standing out from traditional monitoring tools like QRadar and Ark. While those tools often face challenges with extended loading times when querying historical data, Chronicle addresses this issue effectively.

My advice to new users would be to learn the basics of queries and the UDM. Having a good understanding of SQL can help. Also, understand how UTMs are designed because it makes using Chronicle a lot easier. Overall, I would rate Google Chronicle Suite as an eight out of ten.

We use the product for MDR requirements.

The platform's most valuable features are multiple connectors and data output flexibility regarding dashboards and user experience. We can seamlessly create graph dashboards and reports for the customers as per the contracts. The performance speed makes the operations easy. It connects the user accounts quickly, as in-built connectors are available for vendors in Palo Alto and Check Point.

It is challenging to create rules and context of the language. A few areas are difficult to understand for someone who has less experience using the product.

We have been using Google Chronicle Suite for three months. It is a cloud deployment and the latest version.

The product is stable enough at the moment. I rate the stability a nine.

We have less than 100 Google Chronicle Suite users in our organization. It is a cloud solution and is easy to scale. It is suitable for all business verticals. I rate the scalability a ten out of ten.

We receive support from local engineers. The technical support for Google consists of well-prepared information or documentation. We need to pay for raising tickets depending on SLA. Overall, the team is helpful.

Positive

It is a cloud deployment, and thus, we have to click a few buttons. The time taken depends on the scale of the operation. It takes at least an hour to install. However, it requires around six weeks to deploy and configure fully. The deployment involves multiple steps, from the initial setup to configuring connectors, defining data flows, specifying log files, and deciding what information is suitable for analysis to be visible on the dashboard.

I rate the process a ten out of ten.

I rate Google Chronicle Suite's pricing a five out of ten. We have to pay extra charges for the amount of data transfer and technical support services.

I advise others to work with Google Chronicle Suite if they already use other GCP products. They should refer to all the strategies about how to utilize the product. They should work with an external company or consultant, as deploying everything from scratch is difficult.

I rate it a seven out of ten.

We are one of the five partners of Google Chronicle Suite in the world. We resell the solution, and we implement it for Google.

Google Chronicle Suite is a highly scalable solution with good search capabilities. The enterprise version comes with one of the best threat intelligence capabilities in the world.

The solution's graphical user interface (GUI) should be more user-friendly.

I have been using Google Chronicle Suite for more than two years.

I rate the solution eight and a half out of ten for stability.

I rate Google Chronicle Suite nine and a half out of ten for scalability.

The solution's technical support is good but not great. Recently, Google has started hiring people for the technical support team. We never needed their support unless it was something to be done to which we did not have access.

Positive

The solution’s initial setup is not that easy.

We have done multiple implementations, and the solution's deployment time depends on the organization.

Compared to other solutions, Google Chronicle Suite's pricing is fine.

We are using the latest version of Google Chronicle Suite.

Scalability is one of the requirements in enterprise-level organizations. They need a flexible solution that can be scaled easily. An enterprise-level organization will have huge amounts of data. If you want to do threat hunting for one year for such an organization, you don't want a system that goes down if you search for more than 30 days. You need a solution that will give you good search results.

Google Chronicle Suite is one of the best products in the market if you are looking for incident response and threat-hunting use cases. It is not a recommended solution for compliance, reporting, or dashboarding.

Overall, I rate the solution a seven or seven and a half out of ten.

The solution is implemented in our organization. Most employees use it. We use it for storage and security. We are using it for endpoint security.

The support team is responsive.

The tool is a little bit difficult to use compared to Microsoft Sentinel. I use it every day. I needed time to adjust and get used to the solution.

I have been using the solution for a few months.

It was difficult to configure the solution the first time because I hadn’t seen such a solution before. The product provides documentation and support.

The tool is cheaper than Microsoft Sentinel.

The solution is new compared to Microsoft Sentinel. There is a big difference between them. Sentinel is Microsoft’s cloud security solution. It supports all cloud solutions.

We are looking into other solutions for endpoint security. A consulting company advises us on the solutions that can be integrated with Google Chronicle Suite. Overall, I rate the solution a six out of ten.

We use the solution to check alerts. 

Google Chronicle Suite provides useful APIs. 

The tool is complicated for a first-time user. It should also include newer APIs. 

I have been working with the product for six months.

Google Chronicle Suite is stable. 

The tool is scalable. 

Google Chronicle Suite's technical support is good. If you don't want to experience delays, you need to set up a priority. 

The solution's pricing is dependent on the data amount. 

I rate the product a nine out of ten. 

We use the product as a SIEM. 

The tool's most valuable feature is the search option, allowing easy navigation. 

The tool needs to improve tasking packages. Its GUI needs to be improved. The product needs to include time-based filtration. We can only see the alert detection timeline now. 

I have been using the product for one year. 

I rate the tool's stability an eight out of ten. 

I rate Google Chronicle Suite's scalability a seven out of ten. 

The tool's deployment is not difficult. 

I rate the product an eight out of ten. 

I've been using the solution as a consultant while working for a client who has chosen Google Chronicle as their SIEM solution. We are using the product as a centralized log management solution and as a solution for threat intelligence. We use it to analyze incoming log information and automatically generate alerts from indicators that have been compromised.

The search feature is quite performant. The log folder is fairly simple. It is easy to get it up and running and to use for log management and forwarding. I found it quite useful that the solution has premade dashboards, which provide information on errors in the system and general monitoring functionality.

The configuration is not optimal. It requires copy and paste of configuration files. Generally, the ingest of logs could be done in simpler and more streamlined ways. The exporting of log information also has room for improvement.

I am using the solution currently.

I rate the tool’s stability a ten out of ten. I have not encountered any issues.

I rate the tool’s scalability a ten out of ten. Around 12 people use the product in our organization. The usage will increase as it's gaining traction on the market, and more people will have to work in consulting.

I'm working as a SIEM consultant. I've worked with several SIEM systems over time.

The initial setup is very easy. As a cloud-native tool, it includes provisioning an instance and connecting it to a single sign-on. I rate the ease of setup a ten out of ten.

The price is not dependent on the volume of information ingested, which most competitors do. In many cases, that makes it less pricey than the competition, but not in all cases.

The solution has room for improvement. People who want to use the tool must get a Google partner to work with them and outsource the whole thing. The product is a great choice. Organizations must ensure they have competent people who can use the tool to its full potential. A lot of it may be wasted if they don't have the right people or the right partner. Overall, I rate the product an eight out of ten.

We use the product for search engine integration and its ability to monitor and address network attention or login issues 24/7.

The product helps us with data retrieval and security features.

The product's most valuable feature is threat hunting. We can detect the threats directly from the console from the past data as well.

The product's default dashboard feature has a few limitations regarding availability.

We have been using Google Chronicle Suite for two years as an integrator.

We encountered platform downtime once or twice.

It is a scalable product. We manage accounts for Google Chronicle Suite seven to eight customers.

We have limited technical support services. However, they provide good support, understand the queries, and respond.

Positive

The initial setup process is easy. The deployment involves checking default requirements for installing the product and configuring the log source. It requires five to ten minutes to complete. It doesn't need any maintenance. We have to make sure the forwarder is not switched off.

I rate Google Chronicle Suite a nine out of ten. It helps connect to the log sources rapidly. However, it has limited IAM access and dashboarding features.