<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2180921&amp;fmt=gif">

Know more. Respond sooner. Mitigate risk.

Accelerate your response to threats with solutions that uncover serious and imminent risk from your cloud and on-premise network activity.

Watch the 90 Second Intro Video

Network threat detection and response

We are a global provider of high-performance network-based threat detection and response systems that help your security teams know more, respond sooner and mitigate risk with insights gathered from cloud and on-premise network activity. 


Our solutions expose serious and imminent threats to your critical assets and accelerate your response.

Stamus NDR Screenshot

Stamus Network Detection and Response (NDR)

Stamus NDR is a broad-spectrum, open network detection and response (NDR) system that delivers:

  • Declarations of Compromise™ - response-ready threat detection from machine learning, stateful logic, and signatures

  • Asset-oriented attack insights
  • Open interfaces for SOAR, SIEM, XDR, IR
  • Support for third-party and custom threat intelligence
  • Explainable and transparent results with evidence
  • Integrated guided threat hunting
Stamus ND Screenshot

Stamus Network Detection (ND)

Stamus ND is a Suricata-based intrusion detection (IDS) and network security monitoring (NSM) system, that delivers:

  • Correlated IDS (signature-based) and NSM (protocol transaction logs) data
  • Open interfaces for SIEM
  • Turn-key Splunk app
  • Support for third-party signatures and threat intel
  • Tagging & classification for automated triage and alert reduction
  • Integrated guided threat hunting

The network does not lie


In fact, the network holds the ground truth for an enterprise’s security posture. Even as more organizations shift to cloud-based resources, encrypted transmission, and remote workforces, nearly all cyber threats generate communications that can be observed on the network.


At Stamus Networks, we tap into the inherent power of network traffic to uncover critical threats to your organization. We offer the best possible asset-oriented visibility and automated detection to help practitioners cut through the clutter and focus on only those serious and imminent threats.

Dramatic resource savings

Even the most advanced intrusion detection systems (IDS) and network security monitoring (NSM) solutions generate a substantial number of events, or indicators of compromise (IoC), every single day.


SSP - Overview - Funnel


Security teams who manage these systems either spend countless hours investigating each of the IoCs or feed them into a security event and incident management (SIEM) system for further analysis. This latter scenario often results in "store and ignore" behavior.


Yes, the data are available for incident investigation, but in this model the detection of the actual threat is lost in the stored and ignored data.


Stamus Network Detection (ND) Stamus ND automates the event triage process with a powerful tagging and classification system, dramatically reducing alert noise and improving operational efficiencies. And because your analysts need both network protocol transaction data and IDS alerts, Stamus ND integrates both NSM and IDS functionality into a single system. This provides both higher performance and a system that is much easier to maintain.

Learn more about Stamus ND >>


And you can further reduce resource requirements with Stamus Network Detection and Response (NDR). Stamus NDR applies powerful analytics -- in the form of  stateful logic and machine learning -- to the network metadata, for high-fidelity network threat detection that alerts you only when there is a serious and imminent danger. By responding only to these Declarations of Compromise™ (DoC), your team's resources can redeployed for more proactive activities such as threat hunting. 

Learn more about Stamus NDR >>

Why Stamus NDR

Broad-Spectrum Automated Detection

Automated broad-spectrum detection (machine learning + rules + threat intelligence + stateful logic). Logs everything, alerts only on serious and imminent threats.

Open Interfaces & Explainable Results

Open interfaces for SOAR, SIEM, XDR & third-party threat intel. Transparent and explainable results backed by extensive evidence.

Asset-Oriented Attack Insights

High-fidelity insights into attacks on your hosts and user accounts correlated and tracked by stages on the kill chain.

Built-in Guided Threat Hunting

Guided threat hunting interface with advanced pivoting on enriched data, event tagging and knowledge transfer workflow

It Just Works

Easy to install, integrate, configure, and operate. It just works - all the time.

Built by open source security technology experts

Stamus Networks' product development is led by Éric Leblond and Peter Manev. Both Éric and Peter are members of the Open Information Security Foundation executive team and developers on the Suricata project, the widely-deployed open source intrusion detection and network security monitoring engine. The OISF is a non-profit organization created to build community and to support open source security technologies like Suricata. Under the leadership of Éric and Peter, Stamus Networks applies its extensive Suricata and network expertise to develop our advanced network security solutions.

Why Stamus Networks

Stamus Networks believes in a world where defenders are heroes, and a future where those they protect remain safe. As organizations face threats from well-funded adversaries, we relentlessly pursue solutions that make the defender’s job easier and more impactful.

Unlike other network security companies, Stamus Networks delivers truly useful detection at enterprise scale by applying the right technologies to the right problems, while avoiding the hype, fear and exaggeration that is often employed by security vendors. We are guided by these and a few other core principles which we believe positively impact our customers’ experience with us.

See what a few of our customers are saying about Stamus Networks

Quote mark for testimonial

We selected the Stamus Networks solution based on our success at my previous employer. We found it to be an indispensable platform for understanding our security posture.

Head of Sector at a multi-national government institution

Quote mark for testimonial

We use the [Stamus ND] to monitor a multitude of custom applications to ensure they are operating securely.

Cyber Defense Engineering Manager at a major travel technology vendor

Quote mark for testimonial

[Stamus ND] allowed us to reduce costs by simplifying IDS systems configuration and updates management, and by getting a single pane of glass on all IDS events with preconfigured dashboards and filters.

Lead of Information Security Team for a global software engineering firm

Quote mark for testimonial

I have previously worked with six different IDS vendors, and only Stamus provides us with both the signature and anomaly-based data we need which previously required two separate traffic analyzers.

Lead Security Analyst at large software tools vendor

Quote mark for testimonial

Using the threat hunting capabilities of the [Stamus ND] we have been able to uncover multiple instances of C2 communications and malware running within our infrastructure.

Head of Cyber Security and Governance at an international European Bank

Quote mark for testimonial

The ability of [Stamus ND] to suppress the typically verbose stream of alerts enables us to quickly identify malicious activity from the tremendous noise associated with things like proxies on the network. By selecting the ‘relevant’ alerts, we are able to transition from millions of daily alerts to the 10 or 15 we actually need to review.

CTO at Bulgarian MSSP

Quote mark for testimonial

After we started using [Stamus NDR], we were able to drop our MSSP and reduce our costs while strengthening our cyber security posture.

Director of Infrastructure Technology at U.S. public school system

Quote mark for testimonial

Stamus Networks has provided us with the most effective solution within our security stack. Their dedication to supporting us has been unmatched by any other vendor. We are excited to continue expanding our deployment of the [Stamus NDR].

Head of Cyber Security and Governance at an international European Bank

Quote mark for testimonial

We are excited to install the [Stamus ND] at a major manufacturing client because the context provided by the solution allows us to identify actual threats in less time than other tools we have used.

Sales Engineer at French MSSP

Quote mark for testimonial

The detailed network definitions used in the [Stamus ND] allows us to efficiently and intuitively hunt for improper encryption certificates and proxy services. It's incredibly useful.

Head of Cyber Security and Governance at an international European Bank

Quote mark for testimonial

We managed to increase visibility of suspicious and malicious network activity which highly simplified incident investigation. But I think the biggest advantage we received is the support from Stamus Networks team which always was quick, constructive and useful.

Lead of Information Security Team for a global software engineering firm

Recent Blog Articles


12 Signs it’s Time to Upgrade your Legacy IDS/IPS

So, you are considering migrating your legacy or aging intrusion detection and prevention system...


SuriCon 2021: Through the Eyes of the Conference Organizers

This year SuriCon was a hybrid event for the first time ever. The conference was held both...


Upgrading your IDS/IPS? Answer these 3 Key Questions First.

So, you are considering migrating your legacy or aging intrusion detection and prevention system...