Google’s sister security firm Chronicle launches ‘Backstory’

Credit: ID 85476670 © Ojogabonitoo |

A year after Google parent company Alphabet unveiled the security company, Chronicle, it has launched its first product called Backstory. 

The service, announced on Monday at the RSA security conference, allows companies to privately upload petabytes of internal security telemetry data to a private container within Google’s cloud infrastructure in order to detect and investigate new security threats. It’s based on services and tools that Google built to protect its network.  

Companies would upload data such as DNS traffic, netflow, security information and event management (SIEM) tools, device logs, proxy logs and so on that gets analyzed and indexed by Chronicle’s analytics engine. 

The idea behind the service is to allow companies to store more security data for longer than they previously may have done due to budget constraints. This should allow security analysts to go back further to pinpoint a particular malware attack and dig up potential indicator of compromise (IOCs).  

Backstory is integrated VirusTotal, the malware intelligence service that Google acquired in 2012 and became part of Chronicle when it was announced. The service is also integrated with threat intelligence services from security firms Avast and Proofpoint.