Alphabet's Chronicle has launched Backstory, a global security telemetry platform designed for enterprises that generate massive amounts of security telemetry and struggle to hire enough trained analysts to make sense of it.
Alphabet announced the cybersecurity company Chronicle last year. Backstory is the company's first product. It is a global cloud service where companies can upload, store, and analyze their internal security telemetry to detect and investigate potential cyber threats.
Chronicle built a new layer over core Google infrastructure where you can upload your security telemetry, including high-volume data such as DNS traffic, netflow, endpoint logs, proxy logs, etc., so that it can be indexed and automatically analyzed by Chronicle's analytics engine. Chronicle says that your data remains private?—?it isn’t scanned by or available to anyone for other purposes.
Backstory compares your network activity against a continuous stream of threat intelligence signals, curated from a variety of sources, to detect potential threats instantly. It also continuously compares any new piece of information against your company’s historical activity, to notify you of any historical access to known-bad web domains, malware-infected files, and other threats.
All the information is quickly indexed and organized. Then customers carry out searches on the data, like “Are any of my computers sending data to Chinese government servers?” From there, cybersecurity investigators can start asking more and more questions, such as: What kinds of information are the Chinese taking, when and how?
Chronicle will be showing Backstory at the RSA conference in San Francisco. The company will also be revealing a small batch of Backstory users, including truck manufacturer PACCAR; energy infrastructure giant Quanta Services; and Oscar Health, a health insurance startup.