A year ago, Alphabet’s moonshot factory launched Chronicle to create cybersecurity products. At the time, cybersecurity seemed mundane relative to the ambitions of other moonshots. Now that Chronicle has unveiled its first product, called Backstory, the nature of its ambitions are a little clearer.
Backstory focuses on an area of enterprise cybersecurity called security information and event management, or SIEM, which is an ungainly term for a service offering real-time analysis of security alerts. Managing security alerts can be complex and costly because it draws on a vast amount of realtime data from what is often a patchwork of cybersecurity products.
Backstory relies on Google’s vast infrastructure, machine learning and data analytics tools to simplify the task at lower cost, helping companies to more easily filter out the signal of imminent security threats from the noise of false alarms that accompany them. The product drew heavily on Google’s own years of experience detecting threats to its sprawling infrastructure.
“Backstory was designed for a world where companies generate massive amounts of security telemetry and struggle to hire enough trained analysts to make sense of it,” a blog post from Chronicle explained. Customers can privately upload network activity such as DNS traffic to be scanned by Backstory’s analytics tools, which compares the data to threat signals from other sources.
Chronicle told CNBC that it intends Backstory to partner with other cybersecurity companies rather than competing with them. It’s already signed up Avast and Proofpoint as partners. But the stocks of some cybersecurity companies working in the SIEM sector declined Monday: IBM closed down nearly 1% at $138.43 a share, while Rapid7 fell 3% to $45.54 a share and Splunk dropped 5% to $127.91 a share