Alphabet, the parent company of Google, has debuted a new threat analysis tool called Backstory through its cybersecurity outfit, Chronicle, with the aim of helping businesses deal with threats by replicating Google's own threat detection infrastructure.
Backstory is a cloud-based, enterprise-grade threat analytics tool designed to help businesses investigate cyber incidents quickly and pinpoint vulnerabilities for potential fixes.
According to Chronicle co-founder Mike Wiacek, Backstory will thwart the ability of attackers to hide behind the statute of technical limitations, as it offers a solution to store, index, and search unlimited security telemetry.
It aims to solve the telemetry problem by allowing organizations to upload and store their internal security telemetry on Google Cloud and to leverage its machine learning and analytics technologies to monitor and analyze any potential threat.
Due to the high cost of storing traffic data, most of Backstory's competitors tend to retain only a few weeks of traffic, data that is most often critical in detecting and stopping breaches.
Backstory, on the other hand, is able to store and surface even years-old data and, akin to SIEM solutions, converts logs such as NetFlow, DNS traffic, endpoint logs, and proxy logs into searchable and actionable information to help businesses gain more insight into cyber threats and attacks on their networks.
Additionally, Backstory compares data against "threat intelligence" signals culled from a variety of other sources, including the Alphabet-owned VirusTotal, Proofpoint, Avast and Carbon Black.
Chronicle is currently working with clients that include Quanta Services, Siemens, Paccar, and Oscar Insurance, among others.