Feudal security just got even more feudal with Google's new Backstory security service. Credit: monsitj / Getty Images Alphabet’s Google’s Chronicle’s Backstory–yes, the shell game is a mouthful–wants to be the mega-SIEM to end all SIEMs that lets enterprises know all the things forever and search them in less than a second.Unlike other SIEMs that charge by data storage or usage, the new Backstory product is priced for unlimited data, Google told a press conference at its office in downtown San Francisco today. The company encourages full data retention forever–into the petabytes–thus enabling unlimited security telemetry.However, either you pay for a product or you are the product, the old saying goes, and it’s clear that Google is hungry to consume enterprise security data for future profit-making ventures.How big is your log?Typical SIEMs cannot log more than a month or two of security data because of the sheer size of the data involved, limiting the insights security operations centers (SOCs) can extract from that data. As the Chronicle press release put it, “In a nutshell, [Chronicle is] the first global security data platform designed for a world that thinks in petabytes.” Backstory is gunning for the on-premise security big data market, and the data it acquires from customers will be used to train better machine-learning models. Customers–“partners,” in Googlespeak–store their security telemetry in a “private cloud instance.” When CSO asked how private the cloud instances are, CEO Stephen Gillett said that Chronicle does have visibility into customers’ cloud instances but said, “We don’t share that with anybody.” However, potential partners should be wary. Chronicle is subject to U.S. law, including subpoenas, lawful target warrants, as well as FISA warrants authorizing mass surveillance.One price to rule them allEnterprise SOCs are awash in data and struggle to make sense of it. There’s not enough good security talent to analyze it all. Orchestration and automation are the future of the modern SOC. Given Google’s vast resources of both cash and talent, it seems likely Backstory will gain traction quickly, and become a contender in the near future. Outsourcing your security telemetry to Chronicle, however, may be exposing your corporate secrets to the prying eyes of the U.S. government–a decision no enterprise should take lightly.As for the prie fixe? Gillett declined to publicly say but emphasize that Chronicle “wanted to remove obstacles to data access and storage over time.” Related content brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security news Gitlab fixes bug that exploited internal policies to trigger hostile pipelines It was possible for an attacker to run pipelines as an arbitrary user via scheduled security scan policies. By Shweta Sharma Sep 21, 2023 3 mins Vulnerabilities Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe