SecOps Services in Scope by Compliance Program
Last modified: February 14, 2024
Capitalized terms have the meaning stated in the applicable agreement between Customer and Google.
A ✔ in the table below indicates that the Service (row) is in scope for the specified certification or report (column).
| Service |
ISO 27001 Certification |
ISO 27017 Certification |
ISO 27018 Certification |
SOC 1 Report | SOC 2 Report | SOC 3 Report | PCI DSS Certification |
| Chronicle SIEM |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
✔* |
| Chronicle SOAR |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
| Mandiant: |
|||||||
| Mandiant Consulting |
✔ |
✔ |
✔ |
✔ |
|||
| Security Validation |
✔ |
✔ |
✔ |
✔ |
|||
| Mandiant Advantage Threat Intelligence |
✔ |
✔ |
✔ |
||||
| Attack Surface Management |
✔ |
✔ |
✔ |
||||
| Managed Defense |
✔ |
✔ |
✔ |
✔ |
✔ |
*Subject to specific service configuration by customer. Certain features (e.g., Chronicle Looker integration) are not included in certification.
