Alphabet's Chronicle launches 'Backstory' tool to analyse massive amounts of security data on networks
Backstory is a cloud-based platform capable of analysing network data and comparing it with malicious cyber activity
Alphabet ' s cyber-security unit Chronicle has launched a new security data and threat analysis platform that, it claims, will enable security teams to analyse massive amounts of data generated by computer networks to identify vulnerabilities more quickly.
The tool was unveiled on Monday at the RSA Conference in San Francisco, California.
The project was started ten years ago, following a breach of Google ' s network in 2009 by suspected Chinese hackers.
Following the incident, Google ' s Threat Analysis Group developed a number of security tools laying the foundation for the Backstory platform.
In 2012, Google acquired VirusTotal, a free service developed by by Spanish security company Hispasec Sistemas. VirusTotal aggregates data from multiple antivirus software tools and online scanning engines to check for viruses that the user's own antivirus may have missed. It can also be used to check out any false positives.
VirusTotal was absorbed by Chronicle in January 2018 and remains a free service.
Backstory is a cloud-based platform that, the company claims, is capable of analysing network data and comparing it with malicious cyber activity.
Companies will upload their internal security data (including older data) onto the platform. Then, the tool will examine this data and compare it with the latest threat data. The companies that own the data will be alerted of any "historical access" to malicious domains, malware-infected files, or other threats discovered by the tool.
While examining the data, Backstory will also utilise Google ' s search capabilities to identify breaches that could not be traced earlier.
According to Chronicle, Backstory users will be able to upload high-volume data such as DNS traffic, endpoint logs, proxy logs, netflow, and so on, which will be indexed and automatically analysed by analytics engine.
The data upload in the cloud will remain private and won ' t be available to anyone for any other purpose, the company promises. Moreover, the data uploaded won't be scanned by any automated system.
"We believe the power of the security community is our best defence against aggressive and determined attackers. By offering a global platform with the ability to apply massive computational capacity to an ever-growing set of enterprise security data, our goal is for Chronicle to help enterprise customers, as well as other vendors, to better protect what matters most," the Chronicle team claimed in a blog post.
According to CNBC, pricing for Backstory will not be based on the amount of data uploaded. Instead, licences will be offered to customers based on the number of employees.
Chronicle CEO Stephen Gillett has assured cyber-security companies that Chronicle is looking to partner with other companies rather than seeking to displace them from the market.