Google’s Backstory SIEM Offers Unprecedented (but Potentially Risky) Data Collection Capabilities
Chronicle’s Backstory marks Google’s first foray into the SIEM industry by introducing a SIEM that claims full data retention “forever.” Organizations must weigh the benefits of Backstory’s cloud-based SIEM against their perceptions of Google’s data collection practices.
Backstory will use the data it collects from customers to build more sophisticated analytics, which may affect the privacy of data users and complicate data ownership.
Rather than store a company’s logs on-premises, Backstory enables users to store their security telemetry via a cloud service built as a specialized layer on top of Google’s core infrastructure. While not necessarily a part of Google, as Chronicle is subject to separate legal and privacy agreements, organizations may still remain suspicious of storing corporate data with Chronicle.
While Chronicle claims that it improves an analyst’s capabilities to find and respond to threats by providing petabytes of their own data without requiring them to write rules or queries, the decision to store all of an organization’s data that was ever created might raise concerns over data ownership and data retention. Nevertheless, the massive amount of data that Backstory can collect represents an impressive development in what current SIEM storage and machine learning may be capable of, and could very well be a game-changer for the SIEM market.
Organizations should do their due diligence whenever they commit to any SIEM platform, and Chronicle’s Backstory should be no different. While Backstory’s link to Google offers significant advantages to organizations such as speed and a massive amount of historical data on security threats, it may or may not be right for an organization’s level of acceptable risk around how its data is stored and used.
Further, organizations should keep in mind current and upcoming regulations such as GDPR and CCPA that generally require specific data retention policies that might complicate Backstory’s claims that it can retain data forever.