Stamus Networks Blog

We believe that sharing information is necessary to improve global security. The purpose of this blog is to share our experiences, perspectives and experiments.

Subscribe to our Blog

Blog /
Showing 22 results
of 22 items.
Reset All

Category

Recent Posts

Beyond Threats: Enforcing Compliance with Declarations of Policy Violations (DoPV)

Beyond Threats: Enforcing Compliance with Declarations of Policy Violations (DoPV)

Aug 05, 2025 Phil Owens
Network Detection and Response, Compliance, Declarations of Compromise, ClearNDR, Unique to Clear NDR, Declarations of Policy Violations, Clear NDR Enterprise

While detecting malicious attacks is critical for preventing a serious security incident, ensuring...

Read More
Declarations of Compromise® -- Cutting Through the Noise to Uncover Serious and Imminent Threats

Declarations of Compromise®: Cutting Through the Noise to Pinpoint Serious and Imminent Threats

Jul 29, 2025 Phil Owens
Network Detection and Response, Declarations of Compromise, ClearNDR, Unique to Clear NDR, Clear NDR Enterprise

Security teams are often overwhelmed by a flood of alerts, leading to alert fatigue and missed...

Read More

Uncovered: Real-Time Policy Violation Detection in a Zero Trust Environment

Jun 26, 2025 Peter Manev
Network Detection and Response, Threat Hunting, Network Security Monitoring, Clear NDR Enterprise, Zero Trust

Modern IT infrastructure, whether traditional or hybrid, faces persistent challenges: staff...

Read More

Uncovered: Uncovering Risk Exposure from Publicly Accessible Unauthenticated TFTP

Jun 12, 2025 Peter Manev
Network Detection and Response, Threat Hunting, Network Security Monitoring, Clear NDR Enterprise

One of the significant advantages of Clear NDR’s multi-layered detection is its ability to identify...

Read More
Production Ready Suricata Language Server (SLS) 1.0 is now Available

Production Ready Suricata Language Server (SLS) 1.0 is now Available

Jun 12, 2025 Eric Leblond
Open Source, Network Detection and Response, Suricata, Stamus Labs, Clear NDR Community, Clear NDR Enterprise

Suricata Language Server (SLS) has been available for more than 3 years, and it has always been...

Read More

Uncovered: Uncovering Misconfigured Devices & Applications with Clear NDR

Jun 03, 2025 Peter Manev
Network Detection and Response, Threat Hunting, Network Security Monitoring, Clear NDR Enterprise

The example outlined in this blog article demonstrates Clear NDR’s value in delivering visibility...

Read More

Uncovered: Detecting Misconfigured Web Server via Unstructured Hunting in Clear NDR

May 29, 2025 Peter Manev
Network Detection and Response, Threat Hunting, Network Security Monitoring, Clear NDR Enterprise

The following example is of an unstructured hunt technique—an investigation based on an idea or...

Read More

Uncovered: Suspicious TLS Beaconing Activity Uncovered by Clear NDR AI

May 20, 2025 Peter Manev
Network Detection and Response, Threat Hunting, Network Security Monitoring, Artificial Intelligence, Clear NDR Enterprise, Beaconing

One of the key strengths of Clear NDRTM is its AI-based TLS beacon detection, which, when combined...

Read More
Introducing Clear NDR™: Unified, Open, and Transparent Network Threat Detection and Response

Introducing Clear NDR™

Dec 10, 2024 Stamus Networks Team
Open Source, Network Detection and Response, Stamus News, Clear NDR Community, Clear NDR Enterprise

At Stamus Networks, we have always been driven by a commitment to openness, transparency, and...

Read More

Uncovered with Clear NDR: Tapped on the Shoulder

Jun 21, 2024 Phil Owens
Network Detection and Response, Threat Hunting, Uncovered with SSP, Stamus Security Platform, Clear NDR Enterprise

In this series of articles, we explore a set of use cases that we have encountered in real-world...

Read More
Demystifying the Cyber Kill Chain: Understanding the Stages of a Cyber Attack

Demystifying the Cyber Kill Chain: Understanding the Stages of a Cyber Attack

Jun 20, 2023 Stamus Networks Team
Network Detection and Response, Stamus Security Platform, Declarations of Compromise, ClearNDR, Clear NDR Enterprise

The cyber kill chain is a widely-used framework for tracking the stages of a cyber attack on an...

Read More
Using MISP Shared Threat Intelligence in Stamus Security Platform

Using MISP Shared Intelligence in Clear NDR

Mar 09, 2023 Alexander Nedelchev
Open Source, Network Detection and Response, Stamus Security Platform, Stamus Labs, Threat intelligence, Clear NDR Enterprise

Clear NDRTM users can now integrate the Malware Information Sharing Platform (MISP) to supplement...

Read More
Stop the leak! Detecting ChatGPT used as a channel for data exfiltration by Peter Manev

Stop the leak! Detecting ChatGPT used as a channel for data exfiltration

Feb 28, 2023 Peter Manev
Network Detection and Response, Stamus Security Platform, Threat intelligence, Clear NDR Enterprise

In a recent conversation, one of our customers shared their concerns about the use of ChatGPT in...

Read More
Detecting Attacks Against CVE-2022-39952 (FortiNAC) by Stamus Networks Team

Detecting Attacks Against CVE-2022-39952 (FortiNAC)

Feb 24, 2023 Stamus Networks Team
Network Detection and Response, Threat Hunting, Stamus Security Platform, CVE, Stamus Labs, Clear NDR Enterprise

This blog describes the steps Stamus Networks customers may take to determine if any of your...

Read More

Threats! What Threats? Penetration Tests and Clear NDR

Sep 22, 2022 D. Mark Durrett
Network Detection and Response, Stamus Security Platform, Threat intelligence, Threats! What Threats?, Clear NDR Enterprise

This week in our threat detection blog we are mixing things up and discussing an important  Clear...

Read More

Threats! What Threats? Combatting Remote Access Trojans with Clear NDR

Sep 12, 2022 D. Mark Durrett
Network Detection and Response, Stamus Security Platform, Threat intelligence, Threats! What Threats?, Clear NDR Enterprise

This week’s threat detection blog dives deeper into a common type of malware, remote access trojans...

Read More

Hunting for Unauthorized FTP Usage

Aug 30, 2022 Peter Manev
Threat Hunting, Stamus Security Platform, Clear NDR Enterprise

This week’s guided threat hunting blog focuses on a specific policy violation - the use of...

Read More

Threats! What Threats? Detecting Phishing with Clear NDR

Aug 05, 2022 D. Mark Durrett
Network Detection and Response, Stamus Security Platform, Threat intelligence, Threats! What Threats?, Clear NDR Enterprise

Phishing is commonly regarded as the most common and effective way attackers can gain access into a...

Read More

Threats! What Threats? Command & Control and Clear NDR

Jul 29, 2022 D. Mark Durrett
Network Detection and Response, Stamus Security Platform, Threat intelligence, Threats! What Threats?, Clear NDR Enterprise

In this article, we will review one of the most important and critical  phases on the cyber kill...

Read More

Threats! What Threats? Malware Beacons and Clear NDR

Jul 21, 2022 D. Mark Durrett
Network Detection and Response, Stamus Security Platform, Threat intelligence, Threats! What Threats?, Clear NDR Enterprise

One of the first network-related indications of a botnet or peer-to-peer (P2P) malware infection is...

Read More

Threats! What Threats? Detecting Lateral Movement with Clear NDR

Jul 14, 2022 D. Mark Durrett
Network Detection and Response, Stamus Security Platform, Threat intelligence, Threats! What Threats?, Clear NDR Enterprise

In this article I want to highlight one of the tactics used by malicious actors to move within your...

Read More

Threats! What Threats? Combatting Malware with Clear NDR

Jun 30, 2022 D. Mark Durrett
Network Detection and Response, Stamus Security Platform, Threat intelligence, Threats! What Threats?, Clear NDR Enterprise

In the first article of this series -- Threats! What Threats? -- I mentioned that my colleague,...

Read More

ABOUT STAMUS NETWORKS

Stamus Networks is the global leader in Suricata-based network security and the creator of the innovative Clear NDR™ system. Designed to close visibility gaps and reduce alert fatigue, Clear NDR transforms raw network traffic into actionable security insights with unmatched transparency, customization, and effectiveness. Trusted by leading financial institutions, government agencies, and participants in NATO’s largest cybersecurity exercises, Stamus Networks delivers proven, high-performance network detection and response solutions. Stamus empowers security teams – delivering clarity amidst complexity – with greater control, fewer false positives, faster response times, and a more responsive, open approach than legacy vendors.

Indianapolis, USA Paris, France

Privacy

© 2014-2025 Stamus Networks, Inc. All rights Reserved.