Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Audits

Alphabet’s Chronicle Launches Security Telemetry Platform

Chronicle

Chronicle on Monday announced the launch of Backstory, a security telemetry platform that allows organizations to store and quickly analyze large amounts of data.

Chronicle

Chronicle on Monday announced the launch of Backstory, a security telemetry platform that allows organizations to store and quickly analyze large amounts of data.

Chronicle, a subsidiary of Google’s parent company Alphabet, was launched in January 2018 and it has been put in charge of the VirusTotal platform. The company has now launched its first own product.

When investigating potential threats, security teams may need to analyze historical data. However, in many cases, due to data storage constraints, they can only store information for up to 30 days.

Chronicle aims to address this problem by offering a new product built on core Google infrastructure, which eliminates problems associated with limited storage space and significantly increases search speed.

According to Chronicle, Backstory provides infinitely elastic containers for data storage and pricing is not based on data volume. This allows organizations to store petabytes, or years’ worth of data and quickly analyze it if needed.

Enterprises can use Backstory to store even high-volume telemetry, including web proxy traffic, endpoint activity, and DNS traffic. They can analyze machine and user activity within their network, and the data is automatically checked against threat intelligence feeds, the VirusTotal database, and proprietary Chronicle signals. The company says enterprises can use Backstory to search tens of petabytes of data in roughly one second.

As a use case example, Chronicle provided the 2016 attack on the U.S. Democratic National Committee (DNC), which is widely believed to have been carried out by Russian hackers. Last year, the U.S. charged a dozen Russian nationals believed to have been involved and the indictment contains some information that could be useful to defenders, such as domain names.

For instance, the X-Agent malware used by the threat actors communicated with the domain linuxkrnl.net.

Advertisement. Scroll to continue reading.

In many cases, organizations may be unable to determine if any of their systems ever communicated with this domain given that they only store security data for just a few weeks. However, since Backstory allows them to store years’ worth of data, they can more easily investigate attacks that may have taken place years ago.

“No other platform gives companies this historical context into their security data and network exposure,” Chronicle said.

Backstory can be integrated with products from several major cybersecurity vendors, and companies such as Avast and Proofpoint have embedded their own threat intelligence into the new product’s dashboard and analytics engine.

Related: Chronicle Unveils VirusTotal Enterprise

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Cloud security startup Upwind has appointed Rinki Sethi as Chief Security Officer.

SAP security firm SecurityBridge announced the appointment of Roman Schubiger as the company’s new CRO.

Cybersecurity training and simulations provider SimSpace has appointed Peter Lee as Chief Executive Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.