Google parent Alphabet has unveiled a new firm called Chronicle that will offer organizations machine-learning enhanced cybersecurity intelligence.
Chronicle has been incubated at Alphabet’s “moonshot factory”, X, since 2016, and is the third company to "graduate" after self-driving firm Waymo and health-tech firm Verily.
The company is run by a mix of enterprise cybersecurity industry veterans and threat intelligence researchers who’ve designed and run Google’s internal security infrastructure.
Alphabet’s Captain of Moonshots, X, Astro Teller said major hacks of 2017 such as WannaCry, NotPetya, and the ShadowBrokers leaks, demand a new answer like a digital equivalent of the body's "immune system" that can reject bad things even before they're known to be bad.
"Most organizations currently have to work like doctors treating a disease after the symptoms have shown up and the damage has been done. But hackers aren’t invisible; they leave tiny clues like a virus or bacteria in the bloodstream while they quietly harm the hosts," wrote Teller.
It's not clear where exactly Chronicle will fit in the spectrum of security services available, but as Risky Business' Patrick Gray noted, a possible target could be threat intelligence services.
The company however does make clear it will not be selling security boxes to the enterprise. All services will be cloud-based and as Chronicle's CEO and co-founder Stephen Gillett pointed out, its services will run off Alphabet's infrastructure, which gives it access to far lower storage costs than others have, allowing customers to mine larger data stores for security insights.
Gillett, a former chief operating officer at Symantec, also reckons enterprise often can't cope with the data generated by too many security products.
“Security threats are growing faster than security teams and budgets can keep up, and there’s already a huge talent shortage. The proliferation of data from the dozens of security products that a typical large organization deploys is paradoxically making it harder, not easier, for teams to detect and investigate threats,” he wrote in a blog.
Gillett co-founded Chronicle with Mike Wiacek and Shapor Naghibzadeh from Google’s Threat Analysis Group. Other key members include chief scientist, Carey Nachenberg, one of the key developers behind Norton Antivirus.
One side of Chronicle offers a cybersecurity intelligence and analytics platform run off computing infrastructure shared with Alphabet's other initiatives. The other side provides malware intelligence from VirusTotal, the Spanish malware database that Google acquired in 2012. Researchers and admins upload malware samples to VirusTotal to see whether it's recognized by popular antivirus databases. It also alerts businesses and antivirus firms to emerging malware threats.
While relying on Alphabet infrastructure, Chronicle is an independent company that will have its own contracts with customers.
Chronicle's intelligence services will help organizations capture, analyze and utilize security signals much faster than they’ve been able to previously and ultimately reduce the time it takes to detect a security breach, according to Gillett.
The company has tested a preview release of its cybersecurity intelligence platform in an early alpha program with a number of Fortune 500 companies, says Gillett.
VirusTotal founder Bernardo Quintero is also join Chronicle but will continue to maintain VirusTotal's product development in Spain. VirusTotal will continue to run as it has previously.
- Maersk took just 10 days to replace 45,000 PCs wiped by NotPetya attack
- Data Privacy Day is a reminder that time is running out to fix your users’ bad security habits
- How SMBs can better protect themselves against the rising tide of cyber security threats
- Google tells Android developers: we removed 700k bad apps from Play Store in 2017
- Malvertizing leads 500k victims to 90 bad Chrome Web Store extensions