Google’s enterprise cybersecurity venture, Chronicle announced “Backstory”, a new telemetry platform for enterprises to analyze their internal security telemetry to detect potential cyber threats.
Chronicle was announced by Alphabet company last year, it focuses entirely on Enterprise Cybersecurity. The virus total which was launched in June 2004 by a Swedish company, was later acquired by Google in September 2012 and now the ownership has been switched to the Chronicle.
With Backstory, you can upload your security telemetry that includes high-volume data such as DNS traffic, NetFlow, endpoint logs, proxy logs, etc and the data gets indexed and automatically analyzed.
The service compares your network activity against a continuous stream of threat intelligence signals, curated from a variety of sources, to detect potential threats instantly.
Also, Backstory compares the newly uploaded data to the company’s previous activity, to track the historical access to known-bad web domains, malicious files, and other threats.
“Backstory was designed for a world where companies generate massive amounts of security telemetry and struggle to hire enough trained analysts to make sense of it,” reads Chronicle Blog post.
Backstory cloud service offers organizations a private and secure cloud instance to store all organizations telemetry data. It “normalizes, indexes, and correlates the data, against itself and against the third party and curated threat signals, to provide instant analysis and context regarding the risky activity.”
“With Backstory, our analyst would know, in less than a second, every device in the company that communicated with any of these domains or IP addresses, ever.”
Building a system that can analyze large amounts of telemetry for you won’t be useful if you are penalized for actually loading all of that information. Too often, vendors charge customers based on the amount of information they process reads Chronicle post.
Android Rat – TheFatRat Pentesting Tool to Hack and Gain access to Targeted Android Phone
Wifi cracker – Pentesting Wifi Network with Fern WiFi Password Auditing Tool
Some router models have identified a security vulnerability that allows attackers to bypass authentication. To exploit this vulnerability, an attacker…
Hackers often target CrushFTP servers as they contain sensitive data and are used for file sharing and storage. This makes…
DDoS attacks are a significant and growing risk that can overpower websites, crash servers, and block out authorized users with…
Hackers have leveraged an old Microsoft Office vulnerability, CVE-2017-8570, to deploy the notorious Cobalt Strike Beacon, targeting systems in Ukraine.…
In a historic move, Microsoft has made the source code for MS-DOS 4.0, one of the most influential operating systems…
A new attack campaign has been discovered to be employed by the FROZEN#SHADOW, which utilized SSLoad malware for its operations…