• Follow us


Can Alphabet Become the Next Big Cybersecurity Vendor?

This week at RSA, the cybersecurity industry’s biggest annual conference, Alphabet and its subsidiary Google made a splash with a series of announcements, the biggest one being a new service called Backstory.

Backstory is a product by Alphabet's new cybersecurity arm, Chronicle. A cloud-based system similar to a SIEM (security information and event management), it collects all of a company's security-related log data and protects it with the same security systems that protect the rest of its operations.

Unlike other platforms, which charge based on how much information companies are collecting, Backstory is licensed based on how many employees a company has, a Chronicle spokesperson told us. According to the company, the platform will also be much faster than alternatives. For example, a search of 50 petabytes of logs by “current industry solutions” might take 12 hours, while Backstory would only take a second.

"We don’t believe there is anything similar to Backstory available today in terms of the scale of our data management and computation capabilities," Chronicle said in its press kit.

The company spelled out the competitive market it's intending to take on, which includes the entire on-premises data security market, such as SIEMs, Hadoop, and Elasticsearch, as well as security for all the related infrastructure, including servers, networking, and storage. "We really compete with doing security intelligence on your own to try to stop cyberattacks," Alphabet said.

That gives Alphabet a potential edge against other cloud competitors, such as Amazon, that mostly provide cybersecurity for their own cloud infrastructure. The company currently has much smaller cloud market share than Amazon and Microsoft. But companies don't just use one cloud vendor. The largest ones use multiple cloud vendors and colocation facilities in addition to managing their own on-premises data centers.

Backstory will be able to ingest data from Google Cloud, from on-premises systems, and also from other cloud providers, including Amazon Web Services and Microsoft Azure, the Chronicle spokesperson said.

"The multi-cloud infrastructure is quickly becoming the new normal for large organizations," said Philip Casesa, director of IT and service operations at the International Information Systems Security Certification Consortium, also known as ISC(2). "Google counts on this trend to fuel their growth and make up ground on the competition."

With Backstory, Alphabet is leveraging its decades of experience, its vast infrastructure, and its core capability of collecting and analyzing data, he said. The service will also pull in data from third-party intelligence sources and cybersecurity vendor partners. "It will be a disrupting force for organizations drowning in security telemetry data," he said.

Mike Jordan, senior director at Santa Fe Group, a security consulting firm, said Alphabet’s new product was a game-changer. Security products it’s been offering to date are standard cloud security tools that all the big cloud vendors have, but Backstory is different and addresses a real need in the industry, according to him.

Even storing security data from various logs was a real challenge at cybersecurity group he used to run for a large company, he said. "Then you had to find or outsource a staff with a broad skillset to configure the storage, integrate with the various systems that gathered security data, find the right security threat information from diverse sources, constantly write rules to alert analysts if a known issue appears, and ignore all the other noise."

In addition to virtually unlimited storage and nearly instantaneous speed, Backstory allows customers to pull security data from various sources, such as their antivirus solutions. Most companies will choose a couple of solutions, said Jordan, but Chronicle's VirusTotal is basically all the antivirus solutions in one. Then there's Chronicle's Uppercase service, which collects threat signals.

"This wouldn’t be too different than what you get from other providers if it weren’t that this is the company that catalogs everything and lives everywhere on the internet," Jordan said. "Why write a ton of your own rules if you can just use what the company that sees the world’s most web traffic uses? This is a massive advantage over the patchwork of other security services that you’d need to buy and security personnel you’d need to staff to do something similar."

Microsoft last week announced its own SIEM product, Azure Sentinel, but it doesn’t have VirusTotal or the scale of Google’s internet presence, he said. And Amazon has GuardDuty, a cloud-based SIEM, but it’s focused on Amazon’s own cloud services.

The downside of everyone switching to Google for cybersecurity would be that that everyone would be defending everything the same exact way. "That makes it easier to find a crack in the armor that affects too many people at once," Jordan warned. "But even in that situation, Chronicle intends to have interfaces to as many security companies’ services as they can negotiate."

Will Alphabet drive other security vendors out of business? Maybe not.

"Google, like the other cloud providers, isn’t really competing against the security vendors," said John Pescatore, director of emerging trends at SANS Institute. "In fact, they are partnering with them so that they can sell more cloud services."

Other Google Security News Out This Week

Alphabet followed Monday’s Backstory launch with several Google Cloud security announcements at RSA Wednesday morning.

The first one was the beta release of its Web Risk API. Google scans billions of websites for malicious content, including phishing sites, and keeps a list of the unsafe URLs. This has been used in Google's own services and now enterprises can access the same list with an API call.

"The Web Risk API is powered by the same technology that underpins Google Safe Browsing," Cy Khoramee, product manager for Google Safe Browsing, told us. But instead of just filtering inbound traffic, or the links that employees click on, this technology can also be used in other contexts, he said, such as checking links posted by users on company websites or applications. "Examples of this include a social media comment field or a website where Internet users leave restaurant or tech reviews," he said.

Second, Google Cloud Armor, a DDoS protection service, is now officially out of beta. The general release also includes a new dashboard for security admins. The same global infrastructure leveraged to guard things like Gmail, YouTube, and Google’s search engine itself against DDoS is now available to enterprises for the same purpose.

The most successful DDoS protection services, such as Akamai, Neustar, and CloudFlare, are all cloud-based, said Pescatore. "That allows them to scale the horsepower up when the volume of DDoS attacks increase," he said. Given the scale of its global platform, it's natural for Google to have a cloud-based DDoS protection service as well.

Both Amazon Web Services and Microsoft Azure also offer cloud-based DDoS mitigation.

Typically, by getting DDoS protection from the same place they get their other cloud services, enterprises can benefit from lower pricing, less forwarding of traffic, and easier integration, according to Pescatore.

Finally, the availability of Google's hardware security module (HSM), used to protect cryptographic keys, is being expanded. In addition to the several US locations where it’s been available to date, it will now also be available to Google’s cloud users in Europe.

Many government agencies and financial institutions require their cloud service providers to offer HSMs, said Pescatore, and Azure and AWS both offer them.

With more and more security tools becoming available natively on the cloud platforms enterprises use, the standard advice of defense in depth is still valid. That means using different security vendors and technologies to protect infrastructure, applications, endpoints, and networks, he said. “The better the layered approach, the more effective the security program.”

Read More

Leave A Comment

More News


Ryuk ransomware "still going strong" 2019-02-20 11:00:19Multiple groups still using Ryuk to extort money from companies.

Keep your business centre operations running 24/7 with 2019-02-20 08:00:40Reboot to restore solutions help IT admins take a preventive approach to computer management at business centres, thus enhancing the availability and

Microsoft uncovers major hacking attempts against EU organisations 2019-02-20 07:30:44Firms across Europe were hit in the attacks.

Qualcomm unveils most powerful 5G modem 2019-02-20 07:00:06Second-generation X55 modem will hopefully power the first 5G smartphones.

12 billion devices will be internet-connected by 2022 2019-02-20 06:30:28Up to four billion IoT devices will be online soon, Cisco estimates.

UK companies still worried about cyber risks 2019-02-20 06:00:38They fear 5G, but they're willing to invest.

Don’t let the tech takeover: Time rich, mindfulness 2019-02-20 06:00:22With today’s data-driven on-demand economy, we are winning back some of that precious time. But are we getting the most out of it?

The technology trust gap that’s hurting sales efforts 2019-02-20 05:30:02Here are my five key steps to get salespeople onboard with technology projects:

Why hackers love mainframe passwords – and what 2019-02-20 05:00:37Why are IBM’s mainframe customers seemingly reluctant to upgrade their security by incorporating multi-factor authentication?

Reflecting on data privacy for 2019 – Why 2019-02-20 04:30:11Below, six industry experts give their take on why data security needs to be at the heart of operations, and their opinions on what can be done to ens

Shipping on the cusp of a digital wave 2019-02-20 04:00:42Despite its significance, the industry still remains largely untouched by digital transformation and efficiencies it can bring.

Microsoft Surface Go review 2019-02-19 12:19:33An ideal pocket-sized budget work companion, but don't expect anything earth-shattering.

Dev Pro

Pen Testing Takes Center Stage at RSA 2019-03-07 01:21:00Virtual pen testing can enable automated data feeds and model execution from real-time assessment inputs; simulate loss scenarios associated with atta

FireEye, Agari Offer Advanced Email Protection 2019-03-07 00:20:00The rise of attacks against email concern many organizations, and vendors are on the case. There were several announcements of products attempting to

Amazon Gives AI to Harvard Hospital in Tech's 2019-03-06 20:45:00Amazon Web Services is working with a Harvard-affiliated teaching hospital in Boston to test how AI can simplify medical care.

Multiple Biometric Products Introduced at RSA 2019-03-06 20:39:00Unisys debuted a tool that associates a user's network rights with their verifiable biometrics, and Feitian wants user fingerprints for for authentic

Zuckerberg Says Facebook to Focus on Private Communication 2019-03-06 20:34:00The changes would involve making it possible to send messages between the different properties Facebook owns, including WhatsApp and Instagram, which

Samsung Is Said to Be Preparing More Foldable 2019-03-06 19:42:00Samsung Electronics Co. is working on a pair of new foldable smartphones to follow its Galaxy Fold.

Can Alphabet Become the Next Big Cybersecurity Vendor? 2019-03-06 17:00:00Backstory, a nascent Alphabet cybersecurity unit’s first product, aims to protect enterprise infrastructure on-prem and in the cloud.

How to Compare the Cost of HCI Systems 2019-03-06 04:24:00Find out why traditional storage metrics aren’t adequate when it comes to evaluating HCI systems and how to assess costs.

LogRhythm Tackles Network-Borne Threats Via Automation 2019-03-06 00:21:00LogRhythm, a company focused on security intelligence, has introduced a new product that reduces the humans required to discover and respond to advanc

New Approach to Perimeter Security Will Better Protect 2019-03-05 18:51:00Unlike other firewall solutions which focus on protection outside the network perimeter, the VMware Service-Defined Firewall flips the model on its he

Bare-Metal Cloud Firmware Security Fail Isn’t Limited to 2019-03-05 13:05:00"This is really a broader industry concern about the firmware layer being effectively ignored by almost everybody.”

Ubuntu Long Term Support Announcement Begs Security Questions 2019-03-04 19:51:00Canonical's announcement that Ubuntu long term support will span a decade must be considered in the context of hardware, the cloud and CI/CD.

TechRadar: Internet news

The Samsung Galaxy Fold just changed the future 2019-02-20 20:04:54The Fold is too expensive, weird and thick for the mainstream… but this is just the beginning.

Best security camera: keep an eye on your 2019-02-20 19:53:36We've collected together all of the best smart security cameras for keeping your house safe when you're not around.

YouTube TV: Everything you need to know about 2019-02-20 19:42:38Watch out cable, YouTube TV is here to liberate the contract-bound masses. Here's everything you need to know.

Best running headphones 2019: our top 10 choices 2019-02-20 19:17:39From tarmac to trail, the best running headphones will keep your tunes going right up to the finish line.

Best Samsung Galaxy S10e pre-order plans and prices 2019-02-20 19:14:50Samsung's Galaxy S10e is supposedly its more affordable offering, but you can save even more with these plans

Best Samsung Galaxy S10 Plus pre-order plans and 2019-02-20 18:50:12The larger of Samsung's Galaxy S10 phones obviously costs the most, so here's how you can nab it for less.

Samsung's new Galaxy Fit and Fit E are 2019-02-20 18:47:15If you're going to release a fitness tracker these days, you need something exciting... but only the price might attract you.

Best Samsung Galaxy S10 pre-order plans and prices 2019-02-20 18:36:04Samsung's latest flagship will no doubt be its best to date, and here's how you can ensure you get your hands on it.

Remote code execution vulnerability discovered in WordPress 2019-02-20 18:31:48Researchers have discovered a critical flaw that could allow hackers to gain complete control over a user's WordPress blog.

Samsung Galaxy S10 Plus vs Samsung Galaxy Note 2019-02-20 18:20:13The Galaxy S10 Plus has a screen the same size as the Galaxy Note 9, but what else is similar?

Best Samsung Galaxy S10 outright prices in Australia: 2019-02-20 18:14:28Samsung's next flagship series, the Galaxy S10, has been revealed – here's how you can secure your pre-order.

Here's everything that launched at Samsung Unpacked 2019 2019-02-20 17:25:39Samsung just announced a huge number of new devices, so we've rounded up the info you need on them all right here.

Enterprise – TechCrunch

Clari platform aims to unify go-to-market operations data 2019-03-06 09:00:29Clari started as a company that wanted to give sales teams more information about their sales process than could be found in the CRM database. Today,

Matterport raises $48M to ramp up its 3D 2019-03-05 12:05:55The growth of augmented and virtual reality applications and hardware is ushering in a new age of digital media and imaging technologies, and startups

SurveyMonkey acquires web survey company Usabilla for $80M 2019-03-05 09:00:09SurveyMonkey announced today that it has acquired Usabilla, an Amsterdam-based website and app survey company, for $80 million in cash and stock. Zand

Salesforce releases myTrailhead, a customizable training platform 2019-03-05 08:00:10Salesforce has been using the notion of trailblazers as a learning metaphor for several years, ever since it created Trailhead, a platform to teach cu

Can predictive analytics be made safe for humans? 2019-03-04 13:44:40Massive-scale predictive analytics is a relatively new phenomenon, one that challenges both decades of law as well as consumer thinking about privacy.

Scytale grabs $5M Series A for application-to-application identity 2019-03-04 10:33:34Scytale, a startup that wants to bring identity and access management to application-to-application activities, announced a $5 million Series A round

Rackspace announces it has laid off 200 workers 2019-03-01 16:42:03Rackspace, the hosted private cloud vendor, let go around 200 workers or 3 percent of its worldwide workforce of 6,600 employees this week. The compan

Open-source communities fight over telco market 2019-02-27 18:36:02When you think of MWC Barcelona, chances are you’re thinking about the newest smartphones and other mobile gadgets, but that’s only half t

Box fourth quarter revenue up 20 percent, but 2019-02-27 17:09:52By most common sense measurements, Box had a pretty good earnings report today, reporting revenue up 20 percent year over year to $163.7 million. That

Compass acquires Contactually, a CRM provider to the 2019-02-27 13:01:44Compass, the real estate tech platform that is now worth $4.4 billion, has made an acquisition to give its agents a boost when it comes to looking for

Threads emerges from stealth with $10.5M from Sequoia 2019-02-27 09:05:43The rapid rise of Slack has ushered in a new wave of apps, all aiming to solve one challenge: creating a user-friendly platform where coworkers can ha

New VMware Kubernetes product comes courtesy of Heptio 2019-02-26 11:00:17VMware announced a new Kubernetes product today called VMware Essential PKS, which has been created from its acquisition of Heptio for $550 million at

Disclaimer and Notice:WorldProNews.com is not responsible of these news or any information published on this website.