Connect with us

Hi, what are you looking for?



Alphabet’s Chronicle Launches Security Telemetry Platform


Chronicle on Monday announced the launch of Backstory, a security telemetry platform that allows organizations to store and quickly analyze large amounts of data.


Chronicle on Monday announced the launch of Backstory, a security telemetry platform that allows organizations to store and quickly analyze large amounts of data.

Chronicle, a subsidiary of Google’s parent company Alphabet, was launched in January 2018 and it has been put in charge of the VirusTotal platform. The company has now launched its first own product.

When investigating potential threats, security teams may need to analyze historical data. However, in many cases, due to data storage constraints, they can only store information for up to 30 days.

Chronicle aims to address this problem by offering a new product built on core Google infrastructure, which eliminates problems associated with limited storage space and significantly increases search speed.

According to Chronicle, Backstory provides infinitely elastic containers for data storage and pricing is not based on data volume. This allows organizations to store petabytes, or years’ worth of data and quickly analyze it if needed.

Enterprises can use Backstory to store even high-volume telemetry, including web proxy traffic, endpoint activity, and DNS traffic. They can analyze machine and user activity within their network, and the data is automatically checked against threat intelligence feeds, the VirusTotal database, and proprietary Chronicle signals. The company says enterprises can use Backstory to search tens of petabytes of data in roughly one second.

As a use case example, Chronicle provided the 2016 attack on the U.S. Democratic National Committee (DNC), which is widely believed to have been carried out by Russian hackers. Last year, the U.S. charged a dozen Russian nationals believed to have been involved and the indictment contains some information that could be useful to defenders, such as domain names.

Advertisement. Scroll to continue reading.

For instance, the X-Agent malware used by the threat actors communicated with the domain

In many cases, organizations may be unable to determine if any of their systems ever communicated with this domain given that they only store security data for just a few weeks. However, since Backstory allows them to store years’ worth of data, they can more easily investigate attacks that may have taken place years ago.

“No other platform gives companies this historical context into their security data and network exposure,” Chronicle said.

Backstory can be integrated with products from several major cybersecurity vendors, and companies such as Avast and Proofpoint have embedded their own threat intelligence into the new product’s dashboard and analytics engine.

Related: Chronicle Unveils VirusTotal Enterprise

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...