Alphabet company Chronicle announced the release of Backstory, a cloud-powered data analysis platform designed to allow security professionals to analyze their company’s internal telemetry data to detect potential cyber threats.
Backstory allows companies to upload any enterprise security telemetry info from traffic and netflow to endpoint logs and proxy logs to an elastic container hosted on Google infrastructure, and designed as a “private and secure cloud instance.”
After being uploaded to Backstory’s servers, the telemetry data gets automatically indexed and analyzed by a built-in threat analysis engine which connects threat info from sources such as VirusTotal and Uppercase signals with network and endpoint activity to discover “both known and late-breaking threats.”
“Backstory compares your network activity against a continuous stream of threat intelligence signals, curated from a variety of sources, to detect potential threats instantly,” says Chronicle.
In addition, “It also continuously compares any new piece of information against your company’s historical activity, to notify you of any historical access to known-bad web domains, malware-infected files, and other threats.”
Additionally, to underline the telemetry analysis process’ complexity, Chronicle says that “Uppercase signals are based on a mix of proprietary data sources, public intelligence feeds, and other information” and will only get “smarter as you upload more telemetry.”
As a cloud service, Backstory requires zero customer hardware to run and it will need absolutely no “maintenance, tuning, or ongoing management” while it is used by enterprises as their default security analytics solution.
While Backstory’s focus is on making it easier to dig into petabytes of data to hunt down for security threats, it also comes with the extra advantage of helping security professionals save huge amounts of time by reducing data analysis time to seconds instead of hours or even days.
Chronicle says that Backstory will not come with fixed pricing with charges based on data volume but, instead, companies will be required to pay a rate based on their size according to Forbes.