Threat Detection Rules

Reporting / Dashboarding

Investigation & Hunt Values

Triage Workflows and Playbooks

Security Analytics And Detection & Response At Hyperscale

What Only CNAP Can Deliver

CNAP improves security posture on-premises and in any cloud environment, and can replace or augment a SIEM (Security Information and Event Management) or Log Management solution, an area that typically utilizes half or more of security tooling budgets.


Google Chronicle Partner of the Year 2019 & 2020

Why Choose Which Data to Store?

With a fixed, predictable pricing model that is decoupled from data volume and usage, CYDERES CNAP incentivizes organizations to collect and analyze ALL their security telemetry. Based on an organization’s preference, CYDERES offers alternate models to consume CNAP as a managed service. Base managed services can be tiered up to include orchestration automation as well as custom parser, content and playbook development.


Future Ready Architecture

Up to 500% TCO Advantage over Leading SIEM Solutions

Architecturally, CNAP is built on a Google Cloud Platform (GCP) infrastructure foundation layer for unmatched performance, scale and availability, as well as trust and compliance. Additionally, CNAP fully leverages Chronicle’s unified security data model, high-performance search/ingest APIs, and advanced rules engine (YARA-L). The combination of GCP and Chronicle effectively represents a purpose-built security data lake that CNAP content and workflows leverage. All security telemetry is retained in an instantly accessible (sub-second search latency) state for 12 months by default.

Frequently Asked Questions

Understand the incredible value CNAP can bring to your environment.

CNAP is built on, and fully powered by Chronicle to store and process huge amounts of security telemetry. CNAP is a Google Native SaaS solution available on the GCP Marketplace. It is a Plug and Play option for the broader security market.

  • Visualizations on top of Chronicle Data
  • Custom Security Workflows
  • Massive SOC Content Library
  • Custom rules and detection development
  • High-Availability Forwarder Management

No, CNAP is a SaaS offering with essential deployment and support services included. However, we offer upgraded managed services to fully realize the power of CNAP with 24/7 managed detection and response. 

  • Managed Detection & Response (MDR) Add-On
  • Off-Hours 24/7/365 SOC
  • The Add-Ons are a separate SKU also in the GCP Marketplace

Chronicle requires a level of customization to deploy. CNAP has been deployed to more than 50% of all Chronicle customers globally.

  • A wide set of commonly requested customizations
  • Additional SIEM capabilities
  • End-to-End Security Operations Workflow

Yes, CNAP perfectly augments existing SIEMs. However, CNAP and Chronicle have reached a state of operational maturity that sees enterprise adoption across leading financial, healthcare, retail, and technology companies. CNAP is a proven security analytics solution you can rely on if you decide to make the switch and improve your cost efficiency and workflows.

GCP Security has combined the BigQuery, Chronicle and Looker platforms into a unified solution that addresses non-security use cases, drives compliance and offers unparalleled data visualizations.

CNAP comes with integration, implementation, custom parser development and hosted integration services. And if you are concerned about cost, we encourage you to actively dismiss legacy notions of storage limitations for security telemetry – CNAP allows for visibility into data across every security control – with 12 months of hot, searchable retention.