At Backstory’s announcement at RSA 2019, Chronicle talked about how Google’s infrastructure lets it deliver a strong service. After a company has securely uploaded their data, they can analyze it to detect threats, all presented in an intuitive way. The platform has built-in uppercase threat signals that it pulls from public and private sources. Further, Chronicle says it will learn from the logs users upload and get smarter at spotting signals over time. Backstory also integrates with existing security services. That includes Google-acquired Virus Total, as well as Avast and Proofpoint at launch. It’s looking to work with more via its Index partner program.
Preventing the DNC Hack
Even so, the price is perhaps the service’s major selling point. Unlike other services, Google’s model isn’t based on data storage. Instead, it will have fixed pricing, with Google handling all the scaling, backup, and performance tuning. “By offering a global platform with the ability to apply massive computational capacity to an ever-growing set of enterprise security data, our goal is for Chronicle to help enterprise customers, as well as other vendors, to better protect what matters most,” said the Chronicle team in a blog post.
So far, Backstory has been tested with a variety of organizations, numbering from 500 to 500,000 employees. Google hints that had the DNC utilized Backstory, it would have been able to prevent the high-profile email leak. “With Backstory, our analyst would know, in less than a second, every device in the company that communicated with any of these domains or IP addresses, ever,” says the blog post. “Put differently, when this company’s CEO asked ‘could our bank have been hit by the same attack as the DNC?’ our analyst could immediately answer ‘no, we’re safe’ or ‘yes, we’d better take action.’”