LAS VEGAS — IoT opens a Pandora’s box of security challenges because of network complexity and the sheer number of connected devices. “People are talking about IoT security — it seems like the next big thing,” said Rick Caccia, chief marketing officer at Chronicle.
Chronicle is a security company that spun out of Alphabet’s secretive X research lab. In an interview with SDxCentral at Black Hat, Caccia said IoT amplifies many of the challenges that companies still struggle with.
“A lot of these trends are continuing: more people online, moving to the cloud, you control less, there’s more areas for attacks, you start to have more devices that you don’t even know are connected to your network,” he said.
Plus, attacks are getting bigger and more frequent. And there aren’t enough trained security professionals to tackle the growing problems. “The biggest challenge is keeping up with change,” he said. “Things change so fast, the attacks are new all the time, and companies just can’t keep up.”
“If I can’t hire enough experts, I want to automate,” Caccia said. “I can use new techniques like machine learning and artificial intelligence to come up with new information about threats.”
Chronicle’s VirusTotal service already does this for malware, he added.
Google acquired the malware and virus scanner in 2012. It allows users to select a file from their computer and upload it to VirusTotal. The service then checks it against a database of more than 70 antivirus engines and domain blacklisting services.
“Google’s goal is to give people a way to manage all of their data and make sense of it. Chronicle can help analyze the world’s security data,” Caccia said. “Our first step in that was VirusTotal.”
Shortly after Chronicle’s debut in January, VirusTotal became part of the new security company. And in June it launched a new tool to help developers mitigate false positives and ensure their code isn’t mistakenly flagged as malware.
“Think of VirusTotal like the CDC [Centers for Disease Control] for malware,” Caccia said. “It’s got billions of pieces of sample malware and gets a couple million new pieces a day.”
In addition to VirusTotal, Chronicle is building an analytics platform that will use machine learning and advanced search capabilities to give companies better insight into the threats. It’s working with a few dozen Fortune 500 companies to test the platform, which doesn’t have a release date, Caccia said.
The platform will use the same scalable infrastructure that powers all of Alphabet’s initiatives, which require storage and processing power. The company calls this “planet-scale” computing and analytics.
“The way Alphabet thinks about it, when this platform launches, it’s got to launch at Google level,” Caccia said.