Try our new research platform with insights from 80,000+ expert users
Google Security Operations Logo

Google Security Operations Reviews

Vendor: Google
4.5 out of 5
Leave a review

What is Google Security Operations?

Google Security Operations offers a robust playbook builder and integration capabilities designed to streamline workflows and integrate seamlessly with existing systems for enhanced security management.

Get the Security Orchestration Automation and Response (SOAR) Buyer's Guide and find out what your peers are saying about Google Security Operations, CrowdStrike Falcon, Splunk Enterprise Security and more!
Google Security Operations is the #11 ranked solution in top AI-Powered Cybersecurity Platforms solutions, #14 ranked solution in SOAR tools, and #24 ranked solution in top Security Information and Event Management (SIEM) solutions. PeerSpot users give Google Security Operations an average rating of 9.0 out of 10. Google Security Operations is most commonly compared to CrowdStrike Falcon: Google Security Operations vs CrowdStrike Falcon. Google Security Operations is popular among the large enterprise segment, accounting for 58% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 16% of all views.
Buyer's Guide
Security Orchestration Automation and Response (SOAR)
December 2025
Get the category report
Helped 879,310 peers since 2012

Featured Google Security Operations reviews

Read more reviews

Google Security Operations mindshare

Product category:
Security Orchestration Automation and...
As of December 2025, the mindshare of Google Security Operations in the Security Orchestration Automation and Response (SOAR) category stands at 3.6%, up from 1.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR) Market Share Distribution
ProductMarket Share (%)
Google Security Operations3.6%
Microsoft Sentinel13.9%
Palo Alto Networks Cortex XSOAR9.4%
Other73.1%
Security Orchestration Automation and Response (SOAR)
 
 
Key learnings from peers

Valuable Features

Google Security Operations features include comprehensive playbook builders and diverse integrations. Playbooks enable flexible workflows and automate routine tasks. The integrations support extensive customization, boosting capabilities and compliance adaptability. It effectively manages alarms and monitors threats in real-time, especially when aligned with Mandiant. The user interface remains intuitive, although updates may necessitate some adjustments.
  • "Overall, Google SecOps is a very useful service for security operations."
  • "Google SecOps is extremely useful for threat detection and hunting."
  • "The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user interface is generally straightforward, although recent changes may require some adjustment and Siemplify's integrations and capabilities offer potential support for various compliance requirements."

Room for Improvement

Machine Learning capabilities, playbook-building ease, and improved integration are desirable for Google Security Operations. Users express a need for accurate threat descriptions and detailed reports, suggesting a comparison to Microsoft Sentinel for enhanced threat information. API connections pose difficulties, and minor issues persist. Better search functionality in playbooks and expanded case data export options are also requested. Communication with developers continues to address these needs.
  • "The main improvement could be in the accuracy and detail provided in threat descriptions."
  • "The main improvement could be in the accuracy and detail provided in threat descriptions."
  • "We often encounter minor issues that could be improved, but we maintain communication with the developers and submit feature requests. Recently, I requested enhancements such as improved search functionality within playbooks and expanded options for exporting case data."

Popular Use Cases

Organizations primarily leverage Google Security Operations for orchestrating alerts, automating security responses, enriching data, and facilitating workflows for alert triage and investigation. The platform aids in real-time threat detection and integrates seamlessly with other systems such as ITSMs. Additionally, it enhances threat management capabilities by streamlining tasks like configuring playbooks and managing ticketing, especially when integrated with Mandiant. This ensures efficient monitoring and management of security events across client environments.

Stability

Users find Google Security Operations stable. It is praised for having an excellent community and official support. Some report minor issues post-deployment; however, these are swiftly addressed by the vendor. Many rate its stability highly, with one noting an eight out of ten. No significant stability-related issues have been encountered by others.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Security Orchestration Automation and Response (SOAR) Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews
Financial Services Firm
16%
Computer Software Company
11%
Manufacturing Company
8%
University
7%
Retailer
7%
Government
7%
Healthcare Company
5%
Outsourcing Company
4%
Real Estate/Law Firm
4%
Construction Company
4%
Performing Arts
3%
Comms Service Provider
3%
Insurance Company
3%
Non Profit
3%
Media Company
2%
Pharma/Biotech Company
2%
Logistics Company
2%
Energy/Utilities Company
2%
Educational Organization
2%
Wholesaler/Distributor
1%
Transportation Company
1%
Leisure / Travel Company
1%

Compare Google Security Operations with alternative products

Go!

Learn more about Google Security Operations

Google Security Operations stands out in threat detection, monitoring, and alarm management, especially when used alongside Mandiant. Its intuitive interface supports compliance requirements, and it provides customizable workflows through playbooks. Integration with multiple tools allows for automation and increased flexibility, though improvements in API connection determination and playbook search capabilities could enhance user experience. Effective in orchestrating alerts and managing security events, it is extensively used for automated response, efficient alert triage, investigation, reporting, and ticketing management, supporting over 20 use cases including real-time threat detection.

What are the Key Features of Google Security Operations?
  • Playbook Builder: Allows for creating customizable workflows tailored to specific scenarios.
  • Integration Capabilities: Facilitates connectivity with numerous tools for automation.
  • Threat Detection: Improves monitoring and response when combined with Mandiant's capabilities.
  • Simplicity in Feature Adoption: Easy incorporation of new features and workflows.
What Benefits Should You Look for in Reviews?
  • Workflow Efficiency: Automates triage and investigation processes for quicker security management.
  • Real-Time Threat Detection: Enhances monitoring effectiveness in Managed Extended Detection and Response strategies.
  • Flexibility: Adaptable integrations support dynamic security needs.
  • Compliance Support: Aids in maintaining regulatory standards with straightforward reporting features.

In industries where real-time threat response is critical, such as finance and healthcare, Google Security Operations is favored for its automation and integration capabilities. These characteristics are vital for efficiently managing complex security landscapes and maintaining compliance across sectors.

Google Security Operations was previously known as Siemplify ThreatNexus.

Google Security Operations customers

FedEx

Mondelez Intenrational

Check Point

Trustwave

Atos

Cyberint

Bae Systems

Crowe

Longwall Security

Telefonica

Nordea

HCL

Related questions

  • 92
What are the Top 5 cybersecurity trends in 2022?
  • 241
What is the difference between SIEM and SOAR platforms?
  • 83
What is an incident response playbook and how is it used in SOAR?
  • 31
What are the latest trends in Security Operations Center (SOC)?
  • 55
What tools and solutions do you use for automated incident response in an enterprise in 2022?
  • 36
How to evaluate SIEM detection rules?
  • 28
Why a Security Operations Center (SOC) is important?
  • 31
What types of Security Operations Center (SOC) deployment models do exist?
  • 123
Why is Security Orchestration Automation and Response (SOAR) important for companies?
  • 20
When evaluating Security Orchestration, Automation, and Response (SOAR), what aspect do you think is the most important to look for?

Product Categories

Product Categories
Security Orchestration Automation and Response (SOAR)
Security Information and Event Management (SIEM)
AI-Powered Cybersecurity Platforms

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Google Security Operations Logo
CrowdStrike Falcon vs Google Security Operations
Splunk Enterprise Security vs Google Security Operations Logo
Splunk Enterprise Security vs Google Security Operations
Microsoft Sentinel vs Google Security Operations Logo
Microsoft Sentinel vs Google Security Operations
IBM Security QRadar vs Google Security Operations Logo
IBM Security QRadar vs Google Security Operations
Elastic Security vs Google Security Operations Logo
Elastic Security vs Google Security Operations
Cribl vs Google Security Operations Logo
Cribl vs Google Security Operations
Cortex XSIAM vs Google Security Operations Logo
Cortex XSIAM vs Google Security Operations
Palo Alto Networks Cortex XSOAR vs Google Security Operations Logo
Palo Alto Networks Cortex XSOAR vs Google Security Operations
Fortinet FortiSIEM vs Google Security Operations Logo
Fortinet FortiSIEM vs Google Security Operations
Sentinel vs Google Security Operations Logo
Sentinel vs Google Security Operations
Google Chronicle Suite vs Google Security Operations Logo
Google Chronicle Suite vs Google Security Operations
Splunk SOAR vs Google Security Operations Logo
Splunk SOAR vs Google Security Operations
Exabeam vs Google Security Operations Logo
Exabeam vs Google Security Operations
Securonix Next-Gen SIEM vs Google Security Operations Logo
Securonix Next-Gen SIEM vs Google Security Operations
Stellar Cyber Open XDR vs Google Security Operations Logo
Stellar Cyber Open XDR vs Google Security Operations
See all alternatives
 
Google Security Operations Reviews Summary
Author infoRatingReview Summary
Cloud Senior lead at a financial services firm with 10,001+ employees5.0I use Google SecOps primarily for real-time threat detection, which is enhanced when integrated with Mandiant. While it's effective, its threat descriptions need improvement compared to Microsoft Sentinel, although Sentinel doesn't support GCP. Google remains my chosen provider.
SOC Director at Ingalls Information Security5.0Chronicle SOAR is essential for our SOC, enhancing alert orchestration and automation. Its playbook builder and integration capabilities are invaluable. We've switched from a less robust platform and look forward to its upcoming machine learning enhancements.
Security Compliance Lead at a computer software company with 51-200 employees4.5I find Siemplify, now part of Google Clinical SecOps, essential for streamlining tasks like configuring playbooks and automating incident response. Its integration abilities enhance flexibility, though minor improvements, like better search functionality, could further boost usability.
Information information analyst at Seeton3.5I use Siemplify in over 20 use cases, and its most valuable feature is the ability to create playbooks. However, building these playbooks and improving integration can be challenging, particularly with API connections. Google is the cloud provider.