Google ‘Moonshot’ and NSA Toolkit Rise Above the Marketing Deluge at RSA Conference
This week the cybersecurity industry’s RSA Conference (perhaps I should say the RA Conference) took place in San Francisco. It’s a mega-marketing and deal-making affair at which vendors spend lavishly to persuade potential customers that their wares can protect them, even when they can’t.
While I did not attend the potlatch, I observed the proceedings from afar. And though I don’t usually cover product debuts, at least two releases merit ink.
First, Chronicle, the cybersecurity startup incubated within Google X—Alphabet’s so-called moonshot factory, now known just as X—unveiled its flagship product, Backstory. The service is designed to keep unlimited logs of network telemetry and security-related data for corporate security staff while managing alerts and providing real-time analytics. The product incorporates learnings and technology from Chronicle’s sister company Google, known for its unparalleled, storage, indexing, and artificial intelligence capabilities.
Perhaps just as important as Backstory’s technical underpinnings is the product’s business model, which does not penalize companies for storing more information. Instead of pricing licenses based on usage, Chronicle offers licenses that are priced based on customers’ employee count. In theory, this lets Chronicle’s customers keep their security-related records in perpetuity at no extra cost—a valuable proposition for hack investigators.
When I suggested on a call with Chronicle CEO Stephen Gillett that Backstory reminded me of Google Photos or Gmail except for cybersecurity, he was quick to point out that Chronicle is a separate company from Google, despite sharing a parent in Alphabet. “Google employees can’t even get into our building,” he said. I got the sense that Gillett wants no one to believe there might be any privacy concern in working with a Google-adjacent business in an area so rich with sensitive data—a challenge that Google Cloud has had to face in marketing its services as well.
Investors needed no persuading. Their response reminded me of the reaction they tend to have when Amazon announces it is entering a new industry. Share prices of incumbents—including IBM, Rapid7, and Splunk—all dropped.
The other product debut worth mentioning was the U.S. National Security Agency’s release of Ghidra, a formerly classified toolkit for reverse-engineering malware, as an open source project. Security researchers are, generally, elated. This free software will greatly benefit digital defenders, providing a powerful new tool to parse and understand hackers’ code—even if the initial version has bugs. (Hey, no one is perfect.)
For all the sales bluster of RSA Conference, these new tools are sure to prove valuable additions to guardians’ arsenals.