Google Cloud wants to help you detect security threats

As part of its efforts to better cater to enterprise customers, Google Cloud has announced a number of new security capabilities including a new way to utilize Chronicle's security analytics platform to detect threats.

The cybersecurity company Chronicle may have started out as part of Alphabet's moonshot X unit but last year it was folded into Google Cloud. Now customers will be able to use the company's security analytics platform to detect threats using a new rules language called YARA-L which has been built specifically for modern threats and behaviors.

YARA is a popular, open source language used for writing rules to detect malware and the Chronicle team created a new version of it to apply to security logs and other telemetry such as EDR data and network traffic. 

YARA-L provides security analysts with the ability to write rules which are better suited for detecting modern threats and according to Google, it allows for scalable, real-time and retroactive rule execution.

New data structure

Google Cloud also revealed that Chronicle is introducing a new data structure which combines a new data model with the ability to automatically link multiple events into a single timeline. This will certainly make things easier for security analysts who will no longer have to manically collect logs following a security incident.

Palo Alto Networks Cortex XSOAR will be the first Google Cloud partner to integrate with this new structure and the firm's VP of Product Strategy, Rishi Bhargava explained how Chronicle's new detection capabilities have enhanced its response in a blog post, saying:

“Cortex XSOAR offers automated enrichment, response and case management to enterprise-wide threats. The integration with Chronicle’s new detection capabilities and event timelines, across months or years of data, enhances that response and enables comprehensive threat management for our mutual customers.”

Additionally, Google is making its Web Risk API and reCAPTCHA Enterprise services generally available in an effort to help organizations protect user accounts from fraudulent activities online. The reCAPTCHA Enterprise service helps protect against scraping, credential misuse and automated account creation while the Web Risk API helps organizations identify known bad sites, warns users when they click on a bad link and prevents users from posting links to known malicious pages.

  • Keep your devices protected with our top picks for the best antivirus software

Via ZDNet

TechRadar – All the latest technology news

Read More

Bitdefender wants to protect your device for just over 7 dollars, but there’s a catch

If you're looking for a great deal on security – Bitdefender has extended its Black Friday sale and its Total Security 2020 platform has never been so cheap.

The company is offering a huge 60% discount, which means you pay only $ 35.99 (excluding taxes) for a year's protection instead of the usual $ 89.99. 

That’s about $ 7.20 per device, or just pennies per day, for one of the best security suites on the market.

While there is a VPN tool includes, it's not the best in town for a number of reasons – and we believe you'd be much better off using a standalone service such as  ExpressVPN.

In a nutshell, you get complete protection across up to five of your devices (Windows, MacOS, iOS and Android). The new version includes webcam and anti-ransomware protection and zero system slowdowns, plus dozens of other features.

Just bear in mind that this deal is only valid for the first year and you will likely pay far more going forward. One way to get around the issue is to use a different email on renewal to pass as a new customer. 

We'd recommend leaving the company's Antivirus Plus 2020 and Internet Security 2020 offerings; both of them are fantastic products but will run you $ 12 and $ 4 respectively. With Total Security 2020, you get a much better all-rounder with extra device coverage to boot.

TechRadar – All the latest technology news

Read More