Chronicle, a cybersecurity division that spun out of Alphabet’s X (formerly known as Google X), has launched a new security data platform in the form of a commercial product called Backstory. Backstory enables security analysts to parse threats from the alerts that are sent out in order to quickly pinpoint vulnerabilities by tapping into Google’s analytics capabilities.
In an interview with CNBC, Chronicle CEO Stephen Gillett said that the pricing will not be based on volume. And licenses will be based on the size of the company rather than the customer data size. Gillett also said that the point is not to displace existing cybersecurity companies, but to partner with some of the top vendors. But it seems inevitable that Chronicle could become a preferred service over others in the security information and event management (SIEMs) space.
Google acquired VirusTotal in 2012 — which aggregates many antivirus products and online scan engines in order to find viruses that the user’s own antivirus may have missed or verify against false positives. Files can be uploaded to VirusTotal to scan it for malicious data. VirusTotal was integrated by Chronicle and it will continue to be free.
Several companies have already started using Backstory for their products. For example, Carbon Black participated in Backstory’s beta test and joined the product’s processing, storage, and analytics technologies. And Endgame, a leader in endpoint prevention, detection, and response, joined the Chronicle Index Partner programs as part of a broader industry effort to help customers improve the visibility of and response to cyber threats.
Endgame’s CTO Jamie Butler said that the partnership with Chronicle will provide “security practitioners with rapid access to virtually unlimited historical context to identify malicious activity in their enterprises over time.”
And Chronicle’s chief product officer Ansh Patnaik pointed out that Backstory provides more value to customers when it is integrated with other key technologies within customers’ networks, which is why the integration with Endgame will provide an enhanced view of threats within their networks.
