Cyberattacks are increasing in scope and number faster than companies can train and employ professionals to fight them. The hackers who commit these crimes are professionals with clear long-term goals. They are meticulous, skilled, and patiently work their way through companies’ defences. It’s not uncommon for an enterprise security team to discover an attack months after it has started, and for it to take months to understand the extent of the damage.
The proliferation of security-related data can make it harder, not easier, for companies to detect and investigate threats because of the time required to analyse the data. It takes security teams far too long to find what’s truly relevant — sometimes they’re slowed by too much information, and other times there are gaps in the information that’s available to search and analyse.
Chronicle was born from an aspiration to increase the speed and impact of security teams by making it easier, faster, and more cost-effective for them to capture and analyse security-related clues from across the company. In early 2016, Chronicle began developing a cybersecurity intelligence and analytics platform to help enterprise teams better manage and understand security-related data.
By combining machine learning with large amounts of computing power and storage, Chronicle helps teams find patterns in huge volumes of data that aren’t easily spotted even by trained experts, giving businesses a higher-resolution view of their security situation than they’ve ever had. The aim is to reduce the damage caused by cybercrime by shortening the time between when an attack occurs and when it’s discovered.
As part of Google’s Cloud business, Chronicle works with customers and partners to actively identify network threats against an array of vulnerabilities and attackers.