Chronicle, a cybersecurity company and a subsidiary of Alphabet Inc (Google), has launched its first business product called Backstory. Chronicle was born last year out of X, Alphabet’s Moonshot Factory which is made up of a diverse group of inventors and entrepreneurs focused on launching new technologies. Backstory is a cybersecurity tool that helps companies quickly detect threats, investigate incidents, find vulnerabilities and search out potential threats.
Backstory is a cloud-based service that allows companies to securely upload, analyze and store “internal security telemetry” to assess potential threats. Companies can upload DNS traffic, NetFlow data, endpoint logs, proxy logs, and other data to the engine which will automatically scan the data for threats. Chronicle also add that your data remains private and isn’t scanned or available to anyone for other purposes. Backstory can detect malicious web domains and malware infected files and compile reports. As with most Google products, the interface is polished and easy to use.
Backstory was designed for a world where companies generate massive amounts of security telemetry and struggle to hire enough trained analysts to make sense of it.
Chronicle reported that they have tested the software on organizations ranging from 500 to 500,000 employees to see how it functions at different levels.
Companies are producing more and more data every year putting more pressure on our tools and employees to make sense of the data. Backstory is essentially a tool to help manage security threats even with a high volume of data, and arrive at solutions quickly.
Backstory compares your network activity against a continuous stream of threat intelligence signals, curated from a variety of sources, to detect potential threats instantly. It also continuously compares any new piece of information against your company’s historical activity, to notify you of any historical access to known-bad web domains, malware-infected files, and other threats.
Backstory has been integrated with VirusTotal, a malware intelligence service that is part of Chronicle, as well as threat intelligence services from Avast and Proofpoint.
Chronicle has said that licenses will be based on the size of the company, rather than the amount of data uploaded.
Building a system that can analyze large amounts of telemetry for you won’t be useful if you are penalized for actually loading all of that information. Too often, vendors charge customers based on the amount of information they process. Since most organizations generate more data every year, their security bills keep rising, but they aren’t more secure. Backstory is licensed differently, making it easy for you to get value from your own data.
Google’s new cybersecurity products won’t be considered good news by all. Many people will consider this venture as a new area Google is trying to dominate, pushing their rivals under the table. However, Google has been active on the cybersecurity scene since 2012 when Chronicle was born, since then they have been working on projects to arrive where they are today. It is too soon to tell how successful Backstory will be but it certainly has the potential to make some waves.