Qosmos Probe as DPI sensor strengthens cyber threat hunting capabilities at Security Operations Centers
STOCKHOLM, June 28, 2018 /PRNewswire/ -- Enea® (NASDAQ OMX Nordic: ENEA) today announced the availability of the Qosmos Probe 2.0 configured as a Deep Packet Inspection (DPI) sensor, designed to strengthen cyber threat hunting capabilities at Security Operations Centers (SOCs).
SOCs need accurate traffic intelligence to identify advanced threats that evade traditional cyber incident detection and protection solutions. Configured as a DPI sensor, the Qosmos Probe provides detailed, real-time traffic information about applications and protocols. The extracted data is formatted in a normalized stream for easy consumption by security analytics, Security Information and Event Management (SIEM), or other incident response tools.
The Qosmos Probe leverages the power of ixEngine, the most powerful DPI engine on the market, to deliver best in class traffic intelligence:
- Complete visibility up to the application level (OSI layer 7)
- Classification of 3000+ protocols
- Extraction of 5000+ application metadata
- Flexible management interfaces with support for NETCONF, REST, CLI
- Information can be exported in multiple standard formats (CSV, IPFIX, JSON, etc.)
- Connectors for open source databases (Elasticsearch, InfluxDB, etc.)
- Cloud-native architecture suitable for virtualized environments (OpenStack, VMware) and cloud-based applications
The benefits of the Enea Qosmos Probe for SOCs include:
- Improved threat hunting capabilities based on detailed real-time traffic information
- Size of forensic data reduced by up to 150x compared to full packet capture (FPC)
- Less false positives when using information from the DPI sensor to improve rules for Intrusion Detection and Prevention Systems (IDPS)
"Cyber threats are becoming increasingly sophisticated and therefore Security Operations Centers need highly effective detection capabilities," said Jean-Philippe Lion, Senior Vice President of the DPI Business Unit at Enea. "The Qosmos probe is an essential source of information to identify and protect against the most advanced attacks."
For further information, see https://qosmos.com/cybersecurity/dpi-sensor-for-threat-hunting/
SVP Marketing & Communication, Enea
This information was brought to you by Cision http://news.cision.com
The following files are available for download: