Thursday, March 28, 2024

Backstory -Google Released New Tool To Analyze Internal Security Telemetry to Detect Cyber Threats

Google’s enterprise cybersecurity venture, Chronicle announced “Backstory”, a new telemetry platform for enterprises to analyze their internal security telemetry to detect potential cyber threats.

Chronicle was announced by Alphabet company last year, it focuses entirely on Enterprise Cybersecurity. The virus total which was launched in June 2004 by a Swedish company, was later acquired by Google in September 2012 and now the ownership has been switched to the Chronicle.

With Backstory, you can upload your security telemetry that includes high-volume data such as DNS traffic, NetFlow, endpoint logs, proxy logs, etc and the data gets indexed and automatically analyzed.

The service compares your network activity against a continuous stream of threat intelligence signals, curated from a variety of sources, to detect potential threats instantly.

Also, Backstory compares the newly uploaded data to the company’s previous activity, to track the historical access to known-bad web domains, malicious files, and other threats.

“Backstory was designed for a world where companies generate massive amounts of security telemetry and struggle to hire enough trained analysts to make sense of it,” reads Chronicle Blog post.

Backstory cloud service offers organizations a private and secure cloud instance to store all organizations telemetry data. It “normalizes, indexes, and correlates the data, against itself and against the third party and curated threat signals, to provide instant analysis and context regarding the risky activity.”

“With Backstory, our analyst would know, in less than a second, every device in the company that communicated with any of these domains or IP addresses, ever.”

Building a system that can analyze large amounts of telemetry for you won’t be useful if you are penalized for actually loading all of that information. Too often, vendors charge customers based on the amount of information they process reads Chronicle post.

Related Read

Android Rat – TheFatRat Pentesting Tool to Hack and Gain access to Targeted Android Phone

Wifi cracker – Pentesting Wifi Network with Fern WiFi Password Auditing Tool

Website

Latest articles

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...

Beware of Free Android VPN Apps that Turn Your Device into Proxies

Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles