As cyber attacks against public cyberspace and national infrastructure become increasingly sophisticated, effective threat analytics require accurate and detailed input from different sources. One key source of information is the network traffic itself. The more detailed the traffic visibility available to analytics solutions, the more accurate the detection and investigation capabilities will be.
A sensor (or software probe) using Deep Packet Inspection (DPI) provides the most granular detail available, delivering a complete picture of activity in any size network. By passively capturing packets, detecting applications, parsing protocols, and extracting traffic metadata, it can significantly improve detection of attacks and raise the performance of proactive threat hunting.
The Qosmos Probe is a DPI sensor that embeds the market-leading DPI engine, Qosmos ixEngine®. It leverages years of experience in cyber defense environments and is a key component of the security technology stack for government-run Security Operations Centers (SOCs). For these sensitive environments, combining DPI information with a proprietary, confidential solution creates an additional layer of security, complementing turnkey commercial products such as IDS, which have technical capabilities that can be known by attackers.
Example of Qosmos Probe DPI Sensor in a Cyber Defense SOC
1. A rich information feed to strengthen threat analytics
2. An expert tool for network forensics and threat hunting
The Qosmos Probe won Cyber Defense Magazine’s 2019 InfoSec Awards for most Innovative product in Forensics and most Cutting Edge product in Threat Hunting.
