Welcome to CYDERES

CYDERES provides the world's first EMDR offering powered by Chronicle. Chronicle brings some of the same security capabilities that Google's security teams build into their own products and tooling, and borrows from core Google products such as search and indexing, in order to give defenders the advantage.

What is Chronicle

Chronicle's purpose is to ingest telemetry, capitalize on unlimited storage, and augment data with threat intelligence directly tied to the most ubiquitous security tool that exists, VirusTotal. This platform disrupts the traditional models constrained by computational sizing, volume limits, and the inability to normalize data from disparate platforms.

Prepare to Send Data

Data can be consumed in a number of different ways, including a local syslog forwarder, GCP/S3 data buckets, flat files, packet capture, a Splunk query, or a managed ingestion service, depending on the data source. These options make Chronicle incredibly flexible when planning how to get data into the platform. Review the corresponding integration guide for each technology to find the preferred path, and any optional paths, for gathering its data.

Data Types

When Chronicle receives data, it maps the data into normalized data types. This normalization lets Chronicle stitch different sources of data into a single view. Reference the grid below for some current data sources and data types. The list is always growing, and integrations can be added easily.

EDR

  • Carbon Black Response
  • Digital Guardian
  • Malwarebytes
  • SentinelOne
  • Windows Sysmon
  • VMRay Analyzer
  • CrowdStrike
  • Endgame
  • Tanium
  • FireEye

Web Proxy

  • Bluecoat
  • Forcepoint
  • Fortinet
  • Cisco Umbrella
  • McAfee
  • Squid
  • Zscaler
  • Palo Alto Networks (Threat Log)

Firewall

  • Checkpoint
  • Fortinet
  • Cisco ASA
  • Palo Alto Networks (Traffic Log)
  • Juniper
  • SonicWall
  • F5
  • Cloudflare
  • Zscaler

DHCP

  • Bro
  • Infoblox
  • Sophos UTM
  • Cisco IOS
  • Windows
  • Cisco Umbrella
  • ExtraHop

DNS

  • Windows
  • Bro
  • BIND
  • Infoblox
  • F5
  • ExtraHop
  • Cisco Umbrella

Alert

  • McAfee
  • Sophos
  • Snort
  • Suricata
  • Windows Defender Advanced Threat Protection
  • Sourcefire
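The normalization and stitching described in the Data Types section above, as an added toy illustration that is not Chronicle's parser, its schema, or any CYDERES code: two DNS products from the grid (BIND and Windows DNS) are mapped into one normalized DNS record, a Windows DHCP lease record is mapped into a DHCP record, and the DHCP assignment in force at the time of each query is joined on to give a single view of which host asked for which name. All log lines are constructed samples in simplified approximations of each product's format, and every timestamp is assumed to be UTC.

```python
import re
from datetime import datetime, timezone

# Constructed sample log lines (simplified approximations of each product's
# format, written for this example; not real captures).
BIND_LINE = ("10-Mar-2021 14:02:11.123 client 10.1.2.3#51523: "
             "query: evil.example.net IN A + (10.0.0.53)")
WINDOWS_DNS_LINE = ("3/10/2021 2:02:15 PM 0E5C PACKET  Rcv 10.1.2.3 "
                    "Q [0001   D   NOERROR] A  (4)evil(7)example(3)net(0)")
DHCP_LINE = ("10,03/10/21,14:00:01,Assign,10.1.2.3,"
             "ws-finance-07.corp.local,00-11-22-33-44-55")

BIND_RE = re.compile(
    r"^(?P<ts>\S+ \S+) client (?P<ip>[\d.]+)#\d+: query: (?P<q>\S+) IN (?P<qtype>\S+)")
WIN_DNS_RE = re.compile(
    r"^(?P<date>\S+) (?P<time>\S+ [AP]M) \S+ PACKET\s+Rcv (?P<ip>[\d.]+) Q .*\] "
    r"(?P<qtype>\S+)\s+(?P<labels>\S+)$")
UTC = timezone.utc  # assumption: every source logs in UTC


def _labels_to_name(labels):
    """'(4)evil(7)example(3)net(0)' -> 'evil.example.net'"""
    return ".".join(re.findall(r"\(\d+\)([^(]+)", labels))


def normalize_bind(line):
    """Map a BIND query-log line to the toy normalized DNS type."""
    m = BIND_RE.match(line)
    if m is None:
        raise ValueError("not a BIND query log line")
    ts = datetime.strptime(m["ts"], "%d-%b-%Y %H:%M:%S.%f").replace(tzinfo=UTC)
    return {"type": "DNS", "source": "bind", "ts": ts, "client_ip": m["ip"],
            "query": m["q"].rstrip("."), "qtype": m["qtype"]}


def normalize_windows_dns(line):
    """Map a Windows DNS debug-log packet line to the same DNS type."""
    m = WIN_DNS_RE.match(line)
    if m is None:
        raise ValueError("not a Windows DNS debug log line")
    ts = datetime.strptime(f"{m['date']} {m['time']}", "%m/%d/%Y %I:%M:%S %p")
    return {"type": "DNS", "source": "windows_dns", "ts": ts.replace(tzinfo=UTC),
            "client_ip": m["ip"], "query": _labels_to_name(m["labels"]),
            "qtype": m["qtype"]}


def normalize_dhcp(line):
    """Map a Windows DHCP audit-log row (CSV) to the toy DHCP type."""
    f = line.split(",")
    if len(f) < 7:
        raise ValueError("not a DHCP audit line")
    ts = datetime.strptime(f"{f[1]} {f[2]}", "%m/%d/%y %H:%M:%S")
    return {"type": "DHCP", "source": "windows_dhcp", "ts": ts.replace(tzinfo=UTC),
            "event": f[3], "ip": f[4], "hostname": f[5], "mac": f[6]}


def stitch(dns_events, dhcp_events):
    """Enrich each DNS event with the DHCP assignment in force for its client
    IP: the latest 'Assign' for that IP at or before the DNS timestamp."""
    out = []
    for ev in sorted(dns_events, key=lambda e: e["ts"]):
        leases = [d for d in dhcp_events
                  if d["event"] == "Assign" and d["ip"] == ev["client_ip"]
                  and d["ts"] <= ev["ts"]]
        lease = max(leases, key=lambda d: d["ts"]) if leases else None
        out.append({**ev,
                    "client_hostname": lease["hostname"] if lease else None,
                    "client_mac": lease["mac"] if lease else None})
    return out


PARSERS = {"bind": normalize_bind, "windows_dns": normalize_windows_dns,
           "windows_dhcp": normalize_dhcp}


def single_view(tagged_lines):
    """Route each (collector tag, raw line) pair to its parser and return the
    stitched, time-ordered DNS timeline with host identity attached."""
    dns, dhcp = [], []
    for source, line in tagged_lines:
        rec = PARSERS[source](line)
        (dns if rec["type"] == "DNS" else dhcp).append(rec)
    return stitch(dns, dhcp)


if __name__ == "__main__":
    for rec in single_view([("bind", BIND_LINE),
                            ("windows_dns", WINDOWS_DNS_LINE),
                            ("windows_dhcp", DHCP_LINE)]):
        print(rec["ts"].isoformat(), rec["source"], rec["client_hostname"],
              rec["client_ip"], rec["qtype"], rec["query"])
```

Both DNS sources end up with identical field names, so a single search over `query` or `client_hostname` covers every resolver in the grid; a real platform adds many more parsers and a richer schema, but the shape of the problem is the same.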