The new service, entitled Backstory, will help website owners to literally search the inner workings of their website to help identify vulnerabilities caused by hacking-related activities. The Chronicle cyber security business owned by Alphabet will help provide what the company calls internal security telemetry – in short it can search inside your web services and infrastructure for problems.
Chronicle released a press release:
“Backstory is a global cloud service where companies can privately upload, store, and analyze their internal security telemetry to detect and investigate potential cyber threats.
How does it work? Chronicle built a new layer over core Google infrastructure where you can upload your security telemetry, including high-volume data such as DNS traffic, netflow, endpoint logs, proxy logs, etc., so that it can be indexed and automatically analyzed by our analytics engine. Your data remains private — it isn’t scanned by or available to anyone for other purposes.
Backstory compares your network activity against a continuous stream of threat intelligence signals, curated from a variety of sources, to detect potential threats instantly. It also continuously compares any new piece of information against your company’s historical activity, to notify you of any historical access to known-bad web domains, malware-infected files, and other threats.”
Whether you are happy about giving Google access to so much of your own unique data is another question entirely. But for companies worried about their own lack of ability to scrutinise and analyse their own organisation’s security data with any meaning, Chronicle’s Backstory could be a useful addition to your cyber-security experience.