Better, badder, bigger SIEM coming your way, folks, courtesy of Google


Feudal just got even more feudal with Google’s new Backstory service.

Alphabet’s Google’s Chronicle’s Backstory–yes, the shell game is a mouthful–wants to be the mega-SIEM to end all SIEMs that lets enterprises know all the things forever and search them in less than a second.

Unlike other SIEMs that charge by storage or usage, the new Backstory product is priced for unlimited , Google told a press conference at its office in downtown San Francisco today. The encourages full retention forever–into the petabytes–thus enabling unlimited security telemetry.

However, either you pay for a product or you are the product, the old saying goes, and it’s clear that Google is hungry to consume security data for future profit-making ventures.

How big is your log?

Typical SIEMs cannot log more than a month or two of security data because of the sheer size of the data involved, limiting the insights security operations centers (SOCs) can extract from that data. As the Chronicle press release put it, “In a nutshell, [Chronicle is] the first global security data platform designed for a world that thinks in petabytes.”

Backstory is gunning for the on-premise security big data market, and the data it acquires from customers will be used to train better machine-learning models. Customers–“partners,” in Googlespeak–store their security telemetry in a “private cloud instance,” except they are not private at all.

When CSO asked how private the cloud instances are, CEO Stephen Gillett confirmed that Chronicle does have visibility into customers’ cloud instances but said, “We don’t share that with anybody.”

However, potential “partners” should be wary. Chronicle is subject to U.S. law, including subpoenas, lawful target warrants, as well as FISA warrants authorizing mass surveillance.

One price to rule them all

Enterprise SOCs are awash in data and struggle to make sense of it. There’s not enough good security talent to analyze it all. Orchestration and automation are the future of the modern SOC. Given Google’s vast resources of both and talent, it seems likely Backstory will gain traction quickly, and become a contender in the near future. Outsourcing your security telemetry to Chronicle, however, may be exposing your corporate secrets to the prying eyes of the U.S. government–a decision no enterprise should take lightly.

As for the prix fixe? Gillett declined to publicly say but emphasized that Chronicle “wanted to remove obstacles to data access and storage over time.”

CSO provides news, analysis and research on security and risk management
