Use cases and other resources
Google Threat Intelligence (Google TI) equips security teams with a uniquely comprehensive understanding of the global threat landscape. By combining intelligence from Google’s infrastructure, Mandiant’s frontline expertise, and VirusTotal’s collaborative data, Google TI delivers the depth, breadth, and context needed to make faster, more informed security decisions.
This section is designed to help you get started with the platform. Through real-world examples and short video demonstrations, you’ll learn how to apply Google TI to common use cases across threat detection, investigation, and response.
Whether you're enriching alerts, analyzing phishing activity, or prioritizing vulnerabilities, these examples are here to support your work and help your team unlock more value from the platform. We’ll continue to expand this library with new content and use cases over time.
Core Use Cases
These use cases illustrate how Google TI supports practical, high-impact security operations. Each section includes examples and video demonstrations.
Identify phishing campaigns, domain abuse, and impersonation targeting your organization or users.
Accelerate investigations with enriched indicators, threat actor context, and infrastructure mapping.
Assess and prioritize vulnerabilities using real-world exploitation data and threat intelligence signals.
Search for suspicious activity using entity pivoting, pattern matching, and investigative tools.
Other Resources
A quick reference for advanced search operators, helping you pivot through VirusTotal's dataset to uncover connections between files, URLs, IPs, and domains, and to perform detailed threat hunting.
A curated collection of YARA rules to help you get started with Livehunt.
Connect with other security professionals, ask questions, share best practices, and get product updates directly from the Google Threat Intelligence team.
Access on-demand webinars that demonstrate practical threat hunting techniques and real-world use cases.
Updated 4 days ago