Skip to main content

A few members of the Google Cloud Security Community have expressed interest in sharing detection content with each other to build a stronger collective defense against threats.

We’re pleased to announce that our GitHub repository that contains a collection of rules compatible with Google's SecOps detection engine has been revitalized and we’re ready to collaborate on contributions from the user community.


Here’s how to get involved: 

We look forward to building together!

Great news—I’m really excited about this initiative!

To be honest, I've felt Google SecOps has been trailing other SIEM vendors for quite some time, especially in terms of available detection content. The Curated Detections have been helpful as a starting point but leave some significant coverage gaps. For instance, critical areas like Active Directory have essentially no out-of-the-box detections, and smaller MSSP struggle to fill these gaps without a large team of dedicated detection engineers.

That's why I’m genuinely looking forward to seeing this community-driven project grow. Having more shared detection content would make a huge difference and I'm definitely interested in contributing.

Thanks for kicking this off!

@maxjunker Glad you're excited about this. We are too! Cant wait for you to jump in and contribute. And that goes for all Community members! Thanks

Terms & ConditionsCookie settingsAccessibility statement
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.