Chronicle Releases Chapter One: Backstory

Published: 23/11/2024   Category: security


Google spin-off Alphabet rolls out a new cloud-based security data platform that ultimately could displace some security tools in organizations.



RSA CONFERENCE 2019 – San Francisco – Chronicle, the division that spun out of Alphabet's X, rocked the cybersecurity industry today with a new security data platform that ultimately could whittle down the number of security tools organizations run today to monitor and manage incidents.
The new Backstory cloud-based service works with Chronicle's VirusTotal malware intelligence platform and lets organizations view previous security data over time and more quickly spot and pinpoint details on malicious activity. It gives security teams insight into what's happening in the enterprise right now, with the same level of visibility into what happened yesterday, a month ago, even a year ago, for example, Stephen Gillett, Chronicle's CEO and co-founder, said today in a media event for the rollout.
What makes Backstory unique among other security offerings, not surprisingly, is its Google-esque approach to drilling down into activity on the network and devices and its ability to store, index, and search mass amounts of data. Most enterprises are constrained by the amount of data they can store and manage over a long period of time.
Backstory, however, could prompt some housecleaning for security teams and security operations centers that for years have been amassing multiple, and sometimes redundant, security tools and threat intelligence feeds. The platform is Chronicle's first commercially developed product.
Rick Caccia, chief marketing officer at Chronicle, told Dark Reading that among the tools that Backstory ultimately could replace or streamline are network monitoring, network traffic analysis, log monitoring, security information event management (SIEM) tools, and even threat intelligence feeds. Tool overload has become a chronic problem for organizations: The average company runs dozens of security tools and often doesn't have the people power to properly employ or even stay on top of the tools and the data they generate.
Several companies already are using Backstory, including manufacturing firm Paccar, Quanta Services, and Oscar Health, and several security vendors today announced partnerships to integrate with Backstory — Carbon Black, Avast, CriticalSTART, and others.
Chuck Markarian, CISO at Paccar, which builds trucks, said his company expects Backstory to replace anywhere from three to six of its existing security tools in the next year.
"In general, managing our costs is huge, [and] managing our spend in security, and figuring out how we can use less feeds," he said during a customer panel during the media event. Managing multiple security tools is challenging, he said, so whittling down the number of tools is key.
"I can't find the people to manage it, and I keep going back to our board and saying 'I need another tool, I need another tool,'" Markarian said. "I want to get that number [of tools] dramatically down."
Backstory initially provides a tool for threat hunting and security investigations, said Jon Oltsik, senior principal analyst for Enterprise Security Group. "In its current iteration, I think Chronicle [Backstory] assumes a role for threat hunting and security investigations. Its pricing, data capacity, and query speed are built for this," he said.
Oltsik also predicted that Backstory will streamline and also eliminate the need for some point security tools.
"In the future, I could see Chronicle becoming an aggregation hub for other security analytics tools [such as endpoint detection and response, network traffic analysis, and threat intelligence, for example] and then subsuming some of these standalone technologies over time, depending on Chronicle's road map for the platform," he told Dark Reading.
Many large companies already have multiple security products for the same function, Chronicle's Caccia said. They have three network monitoring tools and multiple SIEMs, for example, he said. Chronicle is pricing Backstory by customer, he said, hoping to target the pricing below its potential competitors. Some companies already spend a half-million dollars per year on tools, including subscribing to cloud-based capacity for storage and computing power for cloud services like that of Amazon, he said.
Operation Aurora Roots
Backstory grew out of Google's firsthand experience in 2009 when the company was hacked by Chinese nation-state actors, during the so-called Operation Aurora. Former Google security engineers used big data analytics to build internal security tools for the search engine giant in the wake of the attacks. That work influenced Chronicle's development of Backstory, led by former Google engineers and Chronicle co-founders Gillett and Mike Wiaceck, CSO at Chronicle.
During a demonstration of Backstory at the media event today, Wiaceck said the more data you add to Backstory, the more detailed a picture and story it provides of a threat or attack. "Attackers can't hide in Backstory," he said.
Meanwhile, ICS/SCADA vendor Siemens plans to offer Backstory as part of its managed security service for ICS customers, according to Leo Simonovich, global head of industrial cyber and digital security at Siemens, which partnered with Chronicle on Backstory.
"For us, it's providing our customers the understanding of what's happening in their environment," Simonovich said in an interview. "We're hoping one day [Backstory] will become the backbone of [our] managed security service."