Chronicle on Monday announced the launch of Backstory, a security telemetry platform that allows organizations to store and quickly analyze large amounts of data.
Chronicle, a subsidiary of Google’s parent company Alphabet, was launched in January 2018 and it has been put in charge of the VirusTotal platform. The company has now launched its first own product.
When investigating potential threats, security teams may need to analyze historical data. However, in many cases, due to data storage constraints, they can only store information for up to 30 days.
Chronicle aims to address this problem by offering a new product built on core Google infrastructure, which eliminates problems associated with limited storage space and significantly increases search speed.
According to Chronicle, Backstory provides infinitely elastic containers for data storage and pricing is not based on data volume. This allows organizations to store petabytes, or years’ worth of data and quickly analyze it if needed.
Enterprises can use Backstory to store even high-volume telemetry, including web proxy traffic, endpoint activity, and DNS traffic. They can analyze machine and user activity within their network, and the data is automatically checked against threat intelligence feeds, the VirusTotal database, and proprietary Chronicle signals. The company says enterprises can use Backstory to search tens of petabytes of data in roughly one second.
As a use case example, Chronicle provided the 2016 attack on the U.S. Democratic National Committee (DNC), which is widely believed to have been carried out by Russian hackers. Last year, the U.S. charged a dozen Russian nationals believed to have been involved and the indictment contains some information that could be useful to defenders, such as domain names.
For instance, the X-Agent malware used by the threat actors communicated with the domain linuxkrnl.net.
In many cases, organizations may be unable to determine if any of their systems ever communicated with this domain given that they only store security data for just a few weeks. However, since Backstory allows them to store years’ worth of data, they can more easily investigate attacks that may have taken place years ago.
“No other platform gives companies this historical context into their security data and network exposure,” Chronicle said.
Backstory can be integrated with products from several major cybersecurity vendors, and companies such as Avast and Proofpoint have embedded their own threat intelligence into the new product’s dashboard and analytics engine.
Related: Chronicle Unveils VirusTotal Enterprise

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- macOS 14 Sonoma Patches 60 Vulnerabilities
- New GPU Side-Channel Attack Allows Malicious Websites to Steal Data
- Microsoft Adding New Security Features to Windows 11
- Sony Investigating After Hackers Offer to Sell Stolen Data
- 900 US Schools Impacted by MOVEit Hack at National Student Clearinghouse
- Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
Latest News
- Chinese Gov Hackers Caught Hiding in Cisco Router Firmware
- CISA Unveils New HBOM Framework to Track Hardware Components
- Gem Security Lands $23 Million Series A Funding
- Misconfigured TeslaMate Instances Put Tesla Car Owners at Risk
- Firefox 118 Patches High-Severity Vulnerabilities
- Stolen GitHub Credentials Used to Push Fake Dependabot Commits
- Google Open Sources Binary File Comparison Tool BinDiff
- macOS 14 Sonoma Patches 60 Vulnerabilities
