The new release represents a significant enhancement to the company’s flagship Stamus Security Platform (SSP), aimed at giving defenders earlier detection of cyber threats and clearly presenting the comprehensive evidence required to quickly resolve an incident.
In recent years, the threat landscape has evolved to include sophisticated supply chain and ransomware attacks led by nation states and organized criminals. These changes have created an urgent need for organizations to uncover these threats quickly and effectively.
These threats can easily be missed by existing host- and endpoint-based systems. And since nearly all cyber threats generate communications that can be observed on the network, proactive cyber defense teams are deploying modern network-based threat detection and response systems such as Stamus Security Platform to help them eliminate blind spots, react sooner, and mitigate risk.
With U38, Stamus Security Platform gains substantial improvements in four areas:
- Automated threat detection – new machine learning and algorithmic detection mechanisms identify suspicious activity, lateral movement, and malware command and control communications in sophisticated encrypted environments.
- Guided threat hunting – added pre-built hunting filters that can be used to help guide the analyst in a hunt for lateral movement or data exfiltration. Users may now save and export custom hunting filters, making it easy to back up, restore, and share these filters.
- Evidence enrichment – new automated role identification, suspicious file extraction, and expanded attack timeline provide the analyst with additional tools to accelerate prioritization and investigation.
- User experience – new streamlined interface presents a more task-oriented user experience to increase productivity and clarify results.
“This new SSP release was inspired by our recent experiences in the last two NATO live-fire cyber exercises conducted by the Cooperative Cyber Defence Centre of Excellence (CCDCOE) and requests from our growing customer base,” said Ken Gramley, CEO of Stamus Networks. “In addition to powerful new anomaly and beacon detection mechanisms, we added a number of capabilities specifically designed to streamline incident investigation and response.”