Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Audits

Alphabet’s Chronicle Launches Security Telemetry Platform

Chronicle

Chronicle on Monday announced the launch of Backstory, a security telemetry platform that allows organizations to store and quickly analyze large amounts of data.

Chronicle

Chronicle on Monday announced the launch of Backstory, a security telemetry platform that allows organizations to store and quickly analyze large amounts of data.

Chronicle, a subsidiary of Google’s parent company Alphabet, was launched in January 2018 and it has been put in charge of the VirusTotal platform. The company has now launched its first own product.

When investigating potential threats, security teams may need to analyze historical data. However, in many cases, due to data storage constraints, they can only store information for up to 30 days.

Chronicle aims to address this problem by offering a new product built on core Google infrastructure, which eliminates problems associated with limited storage space and significantly increases search speed.

According to Chronicle, Backstory provides infinitely elastic containers for data storage and pricing is not based on data volume. This allows organizations to store petabytes, or years’ worth of data and quickly analyze it if needed.

Enterprises can use Backstory to store even high-volume telemetry, including web proxy traffic, endpoint activity, and DNS traffic. They can analyze machine and user activity within their network, and the data is automatically checked against threat intelligence feeds, the VirusTotal database, and proprietary Chronicle signals. The company says enterprises can use Backstory to search tens of petabytes of data in roughly one second.

As a use case example, Chronicle provided the 2016 attack on the U.S. Democratic National Committee (DNC), which is widely believed to have been carried out by Russian hackers. Last year, the U.S. charged a dozen Russian nationals believed to have been involved and the indictment contains some information that could be useful to defenders, such as domain names.

For instance, the X-Agent malware used by the threat actors communicated with the domain linuxkrnl.net.

In many cases, organizations may be unable to determine if any of their systems ever communicated with this domain given that they only store security data for just a few weeks. However, since Backstory allows them to store years’ worth of data, they can more easily investigate attacks that may have taken place years ago.

“No other platform gives companies this historical context into their security data and network exposure,” Chronicle said.

Backstory can be integrated with products from several major cybersecurity vendors, and companies such as Avast and Proofpoint have embedded their own threat intelligence into the new product’s dashboard and analytics engine.

Related: Chronicle Unveils VirusTotal Enterprise

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.