SilentDefense


The New Generation Network Security and Monitoring Platform: Understand and Protect Your Network Like Never Before

In recent years we have witnessed a clear leap forward in the sophistication of cyber attacks.

Today, the most relevant cyber-threats come from motivated, well-funded and well-organized groups including criminal organizations, competitors, cyber terrorists/activists and even (foreign) government agencies.

Enterprises of all levels - financial institutions, government organizations, companies of all sizes - are more and more often finding themselves victims of sophisticated targeted attacks, ranging from elaborate DDoS to stealth infiltrations.

Notably, sophisticated attacks on organizations operating critical infrastructures are a significant new phenomenon that can lead to catastrophic consequences. Stuxnet (malware allegedly developed by a government agency specifically to disrupt the functioning of Iran’s nuclear installations) is only the best-known of several examples.

Present security solutions (firewalls, intrusion detection/prevention systems) cannot cope with this level of sophistication. There is clearly a need for something completely new. SilentDefense is the answer to this need.

Current solutions fail to detect advanced threats

Today, the common network-based tools for detecting and mitigating cyber attacks are intrusion detection/prevention systems (IDS/IPS) and Web Application Firewalls (WAF). These solutions are signature-based: they recognize an attack when it matches a previously defined signature.

By definition, signature-based systems can only deal with known threats (or simple variations of known threats), for which a signature already exists. Signature-based systems fail to detect the latest and most advanced cyber threats (lack of accuracy), such as 0-day and targeted attacks, which are unknown and have no signature.

The future is signature-less

Today, after several years of research, a revolutionary and effective approach to intrusion detection has been developed: a signature-less system, which compares ongoing network traffic and user activities to previously observed traffic and activities to identify anomalies that may indicate an attack.

Signature-less systems can and do detect 0-day and targeted attacks: IT researchers have known this for years but, since solutions developed before now never provided an adequate level of precision (high number of false alerts), they were not viable in real-world systems.

SecurityMatters has developed the answer

SecurityMatters has developed a technology called Deep Protocol Behavior Inspection (DPBI).

DPBI exploits the knowledge of the underlying network protocols and combines it with a signature-less analysis tailored to the content of each protocol field. This unique combination boosts the attack detection rate while turning false alerts into a non-issue. SilentDefense is the first commercial network intrusion detection system that employs this revolutionary signature-less approach.

SilentDefense successfully matches and surpasses signature-based systems in terms of accuracy and previous signature-less systems in terms of usability and precision. SilentDefense simply works.

SilentDefense does not require prior knowledge of attack instances from which a system should be protected. SilentDefense has been specifically developed to protect organizations from the high-impact 0-day and targeted attacks.

SilentDefense can be used to protect your perimeter from external attacks, as well as on the internal network to detect the spreading of malware and internal abuses.

SilentDefense is meant to complement existing signature-based solutions to enhance threat coverage and protection. It can be seamlessly integrated in existing IT security infrastructures and does not require special configurations or changes to currently deployed solutions, minimizing acquisition costs.

A flexible and expandable platform

To provide a high degree of flexibility, users can add custom-made scripts in order to perform special/tailored checks. Users can add specific checks to fit their environment and thus expand the standard detection capabilities of SilentDefense.

Furthermore, SilentDefense includes several plug-ins that allow it to exchange information with other security systems, like a SIM/SIEM, and/or execute specific tasks, for instance sending an email or a text message when an alert is fired that matches certain user-defined rules.

Copyright © 2009-2012 SecurityMatters B.V. and respective copyright owners.