Google’s enterprise cybersecurity venture, Chronicle announced “Backstory”, a new telemetry platform for enterprises to analyze their internal security telemetry to detect potential cyber threats.
Chronicle was announced by Alphabet company last year, it focuses entirely on Enterprise Cybersecurity. The virus total which was launched in June 2004 by a Swedish company, was later acquired by Google in September 2012 and now the ownership has been switched to the Chronicle.
With Backstory, you can upload your security telemetry that includes high-volume data such as DNS traffic, NetFlow, endpoint logs, proxy logs, etc and the data gets indexed and automatically analyzed.
The service compares your network activity against a continuous stream of threat intelligence signals, curated from a variety of sources, to detect potential threats instantly.
Also, Backstory compares the newly uploaded data to the company’s previous activity, to track the historical access to known-bad web domains, malicious files, and other threats.
“Backstory was designed for a world where companies generate massive amounts of security telemetry and struggle to hire enough trained analysts to make sense of it,” reads Chronicle Blog post.
Backstory cloud service offers organizations a private and secure cloud instance to store all organizations telemetry data. It “normalizes, indexes, and correlates the data, against itself and against the third party and curated threat signals, to provide instant analysis and context regarding the risky activity.”
“With Backstory, our analyst would know, in less than a second, every device in the company that communicated with any of these domains or IP addresses, ever.”
Building a system that can analyze large amounts of telemetry for you won’t be useful if you are penalized for actually loading all of that information. Too often, vendors charge customers based on the amount of information they process reads Chronicle post.
Android Rat – TheFatRat Pentesting Tool to Hack and Gain access to Targeted Android Phone
Wifi cracker – Pentesting Wifi Network with Fern WiFi Password Auditing Tool
Hackers exploit PowerShell, a built-in scripting tool on Windows (and sometimes Linux), to launch various attacks. PowerShell scripts can download…
A new cybersecurity threat has emerged as a zero-click remote code execution (RCE) exploit targeting Apple's iMessage service is reportedly…
Hackers exploit LOCKBIT Builder due to its versatility in creating customized ransomware payloads which enable them to tailor attacks to…
A critical flaw has been identified in the popular online code editor, JudgeO. If exploited, this vulnerability could allow attackers…
Attackers are employing evasion techniques to bypass detection and extend dwell time on compromised systems. This is achieved by targeting…
Cisco has released critical security updates to address multiple vulnerabilities in its Adaptive Security Appliance (ASA) devices and Firepower Threat…