GopherCAP Packet De-duplication
A while back I wrote a blog post about a packet filtering subcommand I implemented into GopherCAP....
We are a global provider of high-performance network-based threat detection and response systems that help your security teams know more, respond sooner and mitigate risk with insights gathered from cloud and on-premise network activity. Our Stamus Security Platform exposes serious and imminent threats to your critical assets and accelerates your response.
Greater visibility & evidence
More complete detection
Response-ready notifications
Extensible threat intelligence
Straightforward integrations
Immediate results
Even the most advanced intrusion detection systems (IDS) and network security monitoring (NSM) solutions generate a substantial number of events, or indicators of compromise (IoC), every single day.
Security teams that manage these systems either spend countless hours investigating each of the IoCs or feed them into a security information and event management (SIEM) system for further analysis. This latter scenario often results in "store and ignore" behavior.
Yes, the data are available for incident investigation, but in this model the detection of the actual threat is lost in the stored and ignored data.
SSP is available in two functional license tiers – Stamus Network Detection (Stamus ND) and Stamus Network Detection and Response (Stamus NDR). See the table below for a high-level comparison.
Automated broad-spectrum detection (machine learning + rules + threat intelligence + stateful logic). Logs everything, alerts only on serious and imminent threats.
Open interfaces for SOAR, SIEM, XDR & third-party threat intel. Transparent and explainable results backed by extensive evidence.
High-fidelity insights into attacks on your hosts and user accounts correlated and tracked by stages on the kill chain.
Guided threat hunting interface with advanced pivoting on enriched data, event tagging and automated alert triage.
Easy to install, integrate, configure, and operate. It just works - all the time.
Stamus Networks' product development is led by our co-founders, Éric Leblond and Peter Manev. Both Éric and Peter are members of the Open Information Security Foundation executive team and developers on the Suricata project, the widely-deployed open source intrusion detection and network security monitoring engine. The OISF is a non-profit organization created to build community and to support open source security technologies like Suricata. Under the leadership of Éric and Peter, Stamus Networks applies its extensive Suricata and network expertise to develop our advanced network security solutions.
Stamus Networks believes in a world where defenders are heroes, and a future where those they protect remain safe. As organizations face threats from well-funded adversaries, we relentlessly pursue solutions that make the defender’s job easier and more impactful.
Unlike other network security companies, Stamus Networks delivers truly useful detection at enterprise scale by applying the right technologies to the right problems, while avoiding the hype, fear and exaggeration that is often employed by security vendors. We are guided by these and a few other core principles which we believe positively impact our customers’ experience with us.
Head of Sector at a multi-national government institution
Cyber Defense Engineering Manager at a major travel technology vendor
Lead of Information Security Team for a global engineering SaaS company
Lead Security Analyst at large SaaS vendor
Head of Cyber Security and Governance at an international European Bank
CTO at Bulgarian MSSP
Director of Infrastructure Technology at U.S. public school system
Sales Engineer at French MSSP
Lead of Information Security Team for a global software engineering firm
ABOUT STAMUS NETWORKS
A global provider of high-performance network-based threat detection and response systems, Stamus Networks helps enterprise security teams know more, respond sooner and mitigate their risk with insights gathered from cloud and on-premise network activity. Our Stamus Security Platform combines the best of intrusion detection (IDS), network security monitoring (NSM), and network detection and response (NDR) systems into a single solution that exposes serious and imminent threats to critical assets and empowers rapid response.
© 2014-2023 Stamus Networks, LLC. All rights reserved.