SecOps Community

Google Cloud Security Talks 2023 virtual event
Hi SecOps Community! I wanted to invite you all to our upcoming Google Cloud S…

Christopher_Mitchell 9 views 0 comments 0 points Started by Christopher_Mitchell March 22
How to implement KQL Query form a playbook on html widgets?
Hello All, is it possible to show the KQL Query which was used within the play…

Mohammad Sulaiman 16 views 1 comment 0 points Most recent by Gal Polak March 14
Issues with the playbooks not running in simulator mode?
Is anyone else having issues with the playbooks not running in simulator mode? None of my playbooks…

Brad McCrillis 39 views 3 comments 0 points Most recent by Louis Mesmin March 14
Joining the SecOps Slack
Joining the SecOps Slack… I sent requests to invite my team, and got a will be …

Chris_Bentley 29 views 7 comments 0 points Most recent by Andrew Malone March 8
Issue with how playbook priority works across multiple environments
Has anyone else had issue with how playbook priority works across multiple environments? For exampl…

Andrew Cook 2 views 1 comment 0 points Most recent by Todd Pigram February 19
Default alert or case views
Hello All, how the default alert/case views for you guys look like? trying to b…

Mohammad Sulaiman 2 views 0 comments 0 points Started by Mohammad Sulaiman February 19
Chronicle SIEM reference lists
This post was originally sent by Tom Fridman The future's so bright - gotta…

TomFridman 3 views 0 comments 0 points Started by TomFridman February 15
Serverless compute within chronicle
I wanted to throw this out for anyone in the community - what has everyone been doing to look at se…

Nathan Morrow 3 views 0 comments 0 points Started by Nathan Morrow February 15
install siemplify
Can I install siemplyfy on redhat kvm on premise

Anirudha Sharma 3 views 1 comment 0 points Most recent by ShakedTal February 15
Oops you did it again!
This post was originally sent by Tom Fridman hi …

TomFridman 4 views 0 comments 0 points Started by TomFridman February 9
The Grandma test
This post was originally sent by Tom Fridman Tom the boy (this is how we ca…

TomFridman 5 views 0 comments 0 points Started by TomFridman February 6
SIEM Rules
Curious, do people share rules here that they have developed? Based on seen activity or just rules …

Brad McCrillis 1 view 0 comments 0 points Started by Brad McCrillis February 3
IDE funtionality verses Playbook functionality
I wanted to do something simple, like decode a base 64 sting. I copied the function and added the c…

Brad McCrillis 1 view 0 comments 0 points Started by Brad McCrillis February 2
Our next Office Hour addresses Chronicle SOAR Approval Links.
This post was originally sent by Tom Fridman As we continue to provide you …

TomFridman 4 views 0 comments 0 points Started by TomFridman February 2
Connectors session video
This post was originally sent by Tom Fridman Is this highly informative ses…

TomFridman 7 views 0 comments 0 points Started by TomFridman February 2
Community meets
Are there any plans for SecOps community meets - either online or irl? I..e. Us…

Chris_Bentley 1 view 1 comment 0 points Most recent by TomFridman January 26
SecPops Playlist
This post was originally sent by Tom Fridman Hi …

TomFridman 1 view 3 comments 0 points Most recent by TomFridman January 25
Mapping and Modeling session video
This post was originally sent by Tom Fridman Hi …

TomFridman 1 view 0 comments 0 points Started by TomFridman January 18
Playbook Menu
I wanted to share this to see if anyone is interested in this. Or if someone else has done somethin…

Brad McCrillis 12 views 6 comments 0 points Most recent by Brad McCrillis January 16
JSON FIlter Documentation
I think I have a syntax issue. Or I am doing this wrong? I want to filter out all message ID's that…

Brad McCrillis 2 views 1 comment 0 points Most recent by Brad McCrillis January 15
Functions that require single input
I have found a few functions that fail if they receive more than a single input. Mimecast Report M…

Brad McCrillis 2 views 0 comments 0 points Started by Brad McCrillis January 15
Connectors Office Hour
This post was originally sent by Tom Fridman Connectors work as a main mech…

TomFridman 1 view 0 comments 0 points Started by TomFridman January 14
Define the industry outlook for the next 5-10 years
A decade from now, a lot of what we see today as the cybersecurity market will get absorbed by the …

Ross Haleliuk 1 view 0 comments 0 points Started by Ross Haleliuk January 12
Interested resources for Google SecOps
Hi Google SecOps community! My name is Chris Bentley and I’m a SOC analyst at a healthcare company …

Chris_Bentley 1 view 5 comments 0 points Most recent by Cyrus Robinson January 12
Open sourced our Chronicle detection rules
Hey all, I open sourced our Chronicle detection rules (and a few helpers) on Gi…

Mikail Tun 11 views 4 comments 1 point Most recent by Mikail Tun January 4
Headers for Case Description?
Hello All, How can I use headers for Case Description? tired markup did not worked. I tried like &q…

Mohammad Sulaiman 2 views 3 comments 0 points Most recent by Mohammad Sulaiman January 2
Schedule playbooks
Hi, is there a way to schedule playbooks and have them run automatically?

Niklas Keller 2 views 1 comment 0 points Most recent by Joseph January 2
Missed the session?
This post was originally sent by Tom Fridman Missed the session? Here is th…

TomFridman 1 view 0 comments 0 points Started by TomFridman December 2022
Cool non-security alert automation
Hi, all! We're still working on the details, but I wanted to share a cool non-security alert automa…

Cyrus Robinson 13 views 1 comment 0 points Most recent by Gary Hunter December 2022
Enterprise insights feature
Hi All, I was wondering if the Demo has the 'Enterprise insights' feature

Yaniv_Menasherov 1 view 0 comments 0 points Started by Yaniv_Menasherov December 2022

SecOps Community

SecOps Community

SecOps Community

Discussion List

SecOps Documentation