If I attempt to integrate a custom IOC threat feed from a private closed source, are those indicators kept inside my own tenant or are they used with all customers/instances of secops?
Question
Are custom IOC feeds kept private inside my SecOps instance
+2
+11They are custom and only used in your tenant.
+2
+11I think it would have been in the terms and conditions accepted as part of signing up to use Google SecOps, or the a larger Google Cloud agreement, but the Terms for SecOps are here - https://cloud.google.com/terms/secops/service-terms and Data Processing terms are here - https://cloud.google.com/terms/data-processing-addendum?hl=en That may have language that’ll help.
+2Thanks again, I think I found a reference that may be what I’ve heard might be spooking people I’ve spoken to.
3. Submission of Security Content. Mandiant Solutions may allow Customer to submit Security Content or other malware to Google. Customer acknowledges that any Security Content or other malware provided by Customer through the Mandiant Solutions is not Customer Data, and may be used, aggregated, analyzed and shared by Google to enhance the products and services Google provides to its customers.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.