BlackBerry has integrated CylancePROTECT and CylanceOPTICS with Chronicle’s Backstory security analytics platform, starting this quarter. BlackBerry Cylance predictive endpoint protection will contribute valuable threat intelligence used in Backstory’s enterprise security telemetry.
Backstory is a global cloud service where companies can privately upload, store, and analyse their internal security telemetry to detect and investigate potential cyber threats. Chronicle built a new layer over core Google infrastructure where you can upload your security telemetry, including high-volume data such as DNS traffic, netflow, endpoint logs, proxy logs, etc., so that it can be indexed and automatically analysed by an analytics engine.
Backstory compares your network activity against a continuous stream of threat intelligence signals, curated from a variety of sources, to detect potential threats instantly. It also continuously compares any new piece of information against your company’s historical activity, to notify you of any historical access to known-bad web domains, malware-infected files, and other threats.
BlackBerry Cylance’s AI-powered security solutions protect the complete enterprise attack surface with automated threat prevention, detection, and response capabilities. Backstory provides a global security telemetry platform for investigating incidents and hunting for threats in enterprise networks.
Together, this integration will help security administrators quickly identify and respond to threats detected in their organisation’s environment by recognising patterns in threat data and user activity over time.
Backstory is designed to manage large volumes of historical data, while CylancePROTECT and CylanceOPTICS allow users to pinpoint specific behaviour or reference larger trends from an easily retrievable body of data.
“Endpoint data is invaluable for any organization’s security operation, but it can be noisy and maintaining historical data is costly,” said Eric Cornelius, chief technology officer at BlackBerry Cylance.
“We believe integrating BlackBerry Cylance threat protection and detection capabilities with Chronicle’s Backstory will give organisations the scale and speed needed to protect their data and employees from always evolving cyber threats.”
Triggers and indicators identified by BlackBerry Cylance can be correlated with Backstory’s context panel, which summaries, categories, and packages threat intelligence for the customer, all for a predictable fixed cost. This allows security professionals to spend more time focusing on strategic goals rather than chasing alerts and managing the scaling, backup, and performance of their analytics system.