Stamus Networks also joins the new Infoblox Ecosystem Program to enhance threat detection and response through seamless integration
LAS VEGAS, Aug. 7, 2024 /PRNewswire/ — Stamus Networks, a global provider of high-performance network-based threat detection and response (NDR) systems, announced today at Black Hat USA the integration of Infoblox BloxOne® Threat Defense threat intelligence feed and active indicators into the Stamus Security Platform™, the company’s flagship NDR system. This powerful combination allows users to achieve enhanced threat coverage by detecting threats and unauthorized activity linked to suspicious and known-bad hosts in both DNS-based and non-DNS based network communications.
Inner Workings of Extended Threat Coverage
Infoblox BloxOne Threat Defense active indicators and the Stamus Security Platform work together to identify network communications with malicious hosts. The integration uses a series of periodic API calls to extract threat intelligence from Infoblox BloxOne Threat Defense and update a DNS-based threat intelligence feed that can be pulled into the Stamus Security Platform.
There is also an optional Declaration of Compromise™ (DoC) definition for the Stamus Security Platform, which may be used to trigger a notification or an automated response when the NDR system identifies devices on the network using any protocol to communicate with hosts or domains included in the Infoblox BloxOne Threat Defense active indicators feed.
Key benefits include:
- Real-time threat intelligence integration – Stamus Security Platform customers gain a powerful new source of up-to-the-minute threat intelligence to identify malicious and unauthorized activity on the network.
- Comprehensive threat visibility – Joint Infoblox and Stamus Networks customers can now benefit from streamlined threat detection and improved visibility into their network activity. This enhanced visibility helps customers monitor traffic patterns, detect suspicious behavior more accurately, and gain a comprehensive view of potential security threats across their network.
- Enhanced detection and alerts – By monitoring active indicator domain activity on protocols such as HTTP and TLS, the Stamus Security Platform can detect and alert on actual connections to potentially harmful domains.
“Cybercriminals collaborate to execute attacks, so the cybersecurity industry must unite to defend against them,” said Stamus Networks CEO Ken Gramley. “We are working closely with Infoblox to enhance our integration with advanced data enrichment and automated responses. This collaboration helps security experts identify and address threats more proactively, respond faster to incidents, and strengthen overall security.”
Participation in the Infoblox Ecosystem Program
The integration of Infoblox BloxOne Threat Defense active indicators into the Stamus Security Platform marks the first milestone in Stamus Networks’ participation in the Infoblox Ecosystem Program. The Infoblox Ecosystem offers a set of integrations that unifies organizations’ security ecosystem, enabling seamless data exchange and automated response across diverse solutions. The integrations enable the broader cybersecurity ecosystem to work in unison to detect and remediate threats and empower organizations to eliminate silos, optimize security orchestration automation and response (SOAR) solutions, and enhance threat detection and response.
“We welcome Stamus Networks to the Infoblox Ecosystem Program,” said Seshamani Narasimhan, vice president, Corporate Strategy and Partnerships, Infoblox. “Their certified integration will enable more security teams worldwide to benefit from the east-west network visibility and NDR capabilities of the Stamus Security Platform.”
To learn more about the integration, visit Stamus Networks at Black Hat USA in booth 2919 or hear Phil Owens, Stamus Networks’ vice president of customer solutions, speak at the Infoblox booth 2540 on Thursday, August 8, 2024, at 11:30 a.m. PST.
For further information, read the Integration Brief.
About Stamus Networks:
Stamus Networks believes in a world where defenders are heroes, and a future where those they protect remain safe. As organizations face threats from well-funded adversaries, we relentlessly pursue solutions that make the defender’s job easier and more impactful. The global leader in Suricata-based network security solutions, Stamus Networks helps enterprise security teams know more, respond sooner, and mitigate their risk with insights gathered from cloud and on-premise network activity. Our Stamus Security Platform combines the best of intrusion detection (IDS), network security monitoring (NSM), and network detection and response (NDR) systems into a single solution that exposes serious and imminent threats to critical assets and empowers rapid response. For more information visit: stamus-networks.com.
Note: BloxOne is a registered trademark of Infoblox.
SOURCE Stamus Networks