What is Stamus Security Platform

Stamus Security Platform is a broad-spectrum, open network detection and response (NDR) system that delivers actionable network visibility and threat detection with:

  • Greater visibility & evidence

  • More complete detection

  • Response-ready notifications

  • Extensible threat intelligence

  • Straightforward integrations

  • Immediate results


How Stamus Security Platform improves your security

Enterprise security teams use Stamus Security Platform for automated detection, proactive threat hunting, incident investigation and IT policy enforcement. Ultimately, the system helps security (SecOps) and network (NetOps) operations teams:

  • Reduce your organization’s risk - uncover known and unknown threats to critical assets from your cloud and on-premise networks. 

  • Eliminate network blindspots - monitor north-south as well as east-west traffic with Stamus Network Probes at all critical points in your cloud and on-premise networks.

  • Eradicate alert fatigue - the system notifies incident response systems and personnel only when urgent and imminent threats are identified.

  • Reduce the workload of your SOC analysts - focus your valuable staff on proactive security measures, rather than poring through 1000s of alerts.

  • Dramatically accelerate incident response - quickly investigate potential issues with transparent, explainable results, backed up with extensive evidence.

  • See results immediately - Stamus Security Platform is easy to install, configure and integrate with other elements of your security tech stack.

  • Extend your capabilities - leverage third-party threat intelligence and rulesets, and easily transform a threat hunt into custom detection logic.

  • Uncover hidden threats - because even the most advanced system cannot automatically detect everything, Stamus Security Platform comes with integrated guided threat hunting that simplifies proactive defense for less-experienced analysts.

How it works

Stamus Security Platform consists of two components: Stamus Network Probe(s) and Stamus Central Server. Each plays a critical role in scaling the system. Stamus Central Server and Stamus Network Probes can be deployed in private cloud, public cloud, on-premise, or hybrid environments.

Stamus Network Probes

Stamus Network Probes inspect and analyze all network traffic to perform real-time threat detection, enrich the resulting events with extensive metadata, and capture network protocol transactions. The probe delivers all this data to the Stamus Central Server for additional analytics, processing and another layer of threat detection.

Stamus Central Server

Stamus Central Server provides centralized management of the probes, third-party threat intelligence and rulesets, consolidated event storage and a central integration point. It includes an additional layer of machine learning and algorithmic threat detection, along with automated event triage – enabled by tagging and classification. Finally, the Stamus Central Server provides a powerful threat hunting and incident investigation user interface.

Stamus Security Platform in-cloud or on-premise – or both

The modern enterprise IT architecture includes resources in your facilities as well as in public and private cloud environments.

SSP Deployment Diagram

 

Your network "perimeter" has expanded dramatically and so has your attack surface. In order to eliminate blind spots, it is crucial to monitor the network for east-west and north-south traffic at all these sites. Stamus Security Platform is designed to do just that.


Available in Two License Tiers

Stamus Security Platform is available in two license tiers to fit the needs of your organization.  

The table below summarizes the differences between these two license tiers and the capabilities of the open source SELKS platform.

Stamus ND-NDR-Compared

 
