The Qosmos Threat Detection Software Development Kit is Enea's innovative solution to the demand for more robust, adaptable, and high-performance network threat detection platforms.
ADVANCED THREAT DETECTION WITH SUPERIOR TRAFFIC VISIBILITY
Integrating with Enea's Qosmos ixEngine®, the market leading deep packet inspection engine, the Qosmos TD SDK enables developers to create threat detection solutions with unmatched traffic visibility and sophisticated analysis.
Recognizing over 4300 protocols and extracting 5900 metadata types, it provides comprehensive network activity insights to support in-depth, nuanced threat analysis.
The Qosmos ixEngine's advanced parsers and dissectors significantly help reduce false negatives in threat detection thanks to a much better protocol detection rate compared to standard solutions.
The Qosmos ixEngine is able to identify and classify encrypted and evasive traffic while detecting network anomalies.
This extended visibility enables solutions built with the Qosmos TD SDK to more effectively identify complex threats that systems based on traditional IDS might miss, and helps reduce false negatives and positives for more reliable threat detection.
UNMATCHED PERFORMANCE AND SCALABILITY FOR THREAT DETECTION
Network-based intrusion detection capabilities have become increasingly important as traditional network perimeters disappear, but open-source IDS are not natively engineered to meet the scalability and performance requirements of modern cloud environments.
The Qosmos TD SDK offers an innovative approach to these performance challenges.
Delivered as a software development kit, it leverages Suricata's industry-leading core IDS functionalities and combines them with the advanced packet inspection capabilities of the Qosmos ixEngine, thereby eliminating the need for double packet parsing.
An IDS built with the Qosmos TD SDK and the Qosmos ixEngine can execute efficient parsing of extracted metadata values - rather than full packets - in order to check for threat signature matches.
As a result, solutions built with the Qosmos TD SDK deliver up to double the performance of traditional solutions built using conventional IDS systems.
FLEXIBLE INTEGRATION AND CUSTOMIZABILITY
The availability of threat detection in a software development kit is unique in the industry.
The Qosmos TD SDK is the first to offer core IDS capabilities as a software component and provides cybersecurity software developers with greater flexibility and improved network protection through tight integration with third party solutions.
The Qosmos TD SDK supports standard open source rulesets and industry available rulesets with Suricata syntax, making deployment easier and reducing false positives/false negatives.
KEY BENEFITS
- Achieve significantly better performance compared to standard IDS/IPS architectures
- Scale linearly across multiple CPU cores
- Eliminate double packet processing for DPI and IDS in multi-function platforms
- Reduce false positives through extended Enea Qosmos DPI-based network visibility
- Reduce false negatives through improved matching enabled by better parsers
- Create custom rules and improve results through the extended visibility of the Qosmos ixEngine, including recognition of enterprise protocols like LDAP, industrial IIoT/OT protocols, unique security metadata, and much more
- Focus the ruleset matching process on the relevant metadata instead of all packets
OUR VERDICT
Enea's Qosmos Threat Detection SDK is not merely an incremental upgrade to existing security solutions; it is a strategic evolution tailored for the complexities of modern network architectures.
With the integration of the Qosmos TD SDK, double packet processing is eliminated, parsing speed is accelerated, and traffic insights are vastly expanded to fuel next-generation threat detection and custom rule development.
Enea's Qosmos technology is the most widely deployed Deep Packet Inspection technology in cybersecurity and networking solutions.
Enea Qosmos products classify traffic in real-time and provide granular information about network activities.
Enea also offers IDS-based threat detection capabilities as an SDK, enabling easy and tight integration with cybersecurity solutions while remaining highly flexible and scalable.
This Cyber News was published on www.cybersecurity-insiders.com. Publication date: Tue, 09 Jan 2024 21:13:04 +0000