0
1
Google’s one-year-old cybersecurity venture Chronicle today announced its first commercial product, called Backstory, a cloud-based enterprise-level threat analytics platform that has been designed to help companies quickly investigate incidents, pinpoint vulnerabilities and hunt for potential threats.
Network infrastructures at most enterprises regularly generate enormous amounts of network data and logs on a daily basis that can be helpful to figure out exactly what happened when a security incident occurs.
However, unfortunately, most companies either don’t collect the right telemetry or even when they do, it’s practically impossible for them to retain that telemetry for more than a week or two, making analysts blind if any security incident happens before that.
Backstory solves this problem by allowing organizations to privately upload and store their petabytes of « internal security telemetry » on Google cloud platform and leverage machine learning and data analytics technologies to monitor and analyze it efficiently to detect and investigate any potential threat from a unified dashboard.
Just like SIEM solutions, Backstory converts log data—such as DNS traffic, NetFlow, endpoint logs, proxy logs—into meaningful, quickly searchable and actionable information to help companies gain insights into digital threats and attacks on their networks, but at scale to offer a more complete picture of the threat landscape.
Backstory also compares data against « threat intelligence » signals collected from a variety of partners and other sources, including the Alphabet-owned VirusTotal, Avast, Proofpoint and Carbon Black.
Microsoft has also recently announced similar security analytics services, called Threat Hunter and Azure Sentinel, which Microsoft is pitching as the « first native SIEM within a major cloud platform » to help companies detect, prevent, and respond to threats across their networks.
Splunk, a company that offers a similar product, saw its stock down 5% at the time of close on Monday following the announcement of the Backstory service.
Source: https://thehackernews.com/2019/03/backstory-cybersecurity-software.html
