Better is the way you would perceive your network flow of information and adhere to particular Information Security Standard with Stamus.
Auto protocol detection allows for protocol recognition independently of communication ports and networks facilitating easier analysis. For example – a malware control channel can be detected without consideration of the used port. Stamus appliances are using the robust and proven Suricata’s auto protocol analysis engine. This allows to build efficient ruleset using the different auto protocols detection filters in a native way.
All the information extracted from the protocols can be searched and presented in an on-demand configurable and flexible dashboard in the analysis interface. The information can also be logged and accessed in the RYOD (Run Your Own Defense) container to be analyzed/filtered/queried by/for your own tasks, if needed.
All the information gathered while inspecting the flow of information can be used to detect Information Security Policy violations. You can utilize information security violation trends within categorically and individually pointed inspection sets, that would be specific to the security policy of your particular company,site,department,entity and/or country. For example, you can alert if a site is not allowed to receive DNS information for a particular domain but does so. You can also for example validate and verify in real time that your public-key infrastructure (PKI) is used on all your servers correctly and on all your SSL/TLS enabled network services.