NetQuest and ElastiFlow Deliver 100G Encrypted Traffic Analysis for Threat Hunting at Telco Scale
Streaming Network Sensors support unprecedented Network Visibility into TLS and QUIC Traffic for eliminating rising security blind spots.
Mount Laurel, NJ, June 09, 2022 --(PR.com)-- NetQuest Corporation, a global leader of advanced cyber intelligence solutions, and ElastiFlow, a market leader of security analytics for open data platforms, today announced support for analysis of 100G encrypted traffic links for critical network security missions requiring scale. NetQuest’s SNS1000 Streaming Network Sensor’s new encrypted traffic analysis feature extracts real-time intelligence from TLS, QUIC, SSH and other network encryption protocols. The sensor delivers this information as streaming metadata to ElastiFlow’s Unified Flow Collector for use in web-scale threat hunting applications intended to keep the public internet clean from botnet campaigns and nation sponsored attacks.
“The surge in encrypted traffic is rendering blind most traditional security tools, making this a perfect time for our SNS1000 sensor’s Encrypted Traffic Analysis feature set,” said Jesse Price, CEO of NetQuest Corporation. “We couldn’t be more excited to address one of the most critical network security concerns our customers face: declining visibility into threats.”
With an expanded attack surface and the volume of encrypted traffic on the public internet rising above 80%, SecOps teams require advanced visibility solutions that can help detect threat actors purposely hiding behind standard encryption protocols. Global telecommunications providers are challenged to evolve their network analysis techniques while monitoring a staggering scale of millions of parallel conversations.
The Encrypted Traffic Analysis feature set includes:
· Machine learning and other behavioral based techniques to identify 2,500+ Layer 7 applications in encrypted and evasive traffic flows.
· Protocol-specific intelligence extracted from standard TLS and QUIC handshakes including version information, ciphers and other details from the exchanged encryption certificate.
· Identify flow-based fingerprints such as JA3 and HASSH for matching to known indicators of compromise (IoC).
"As the use of encryption continues to rise, defenders need increased visibility into encrypted network flows to separate legitimate behavior from malicious activity when decryption is not an option," said Rob Cowart, Founder and CEO of ElastiFlow. "This is not just about network traffic analysis, this is about a layering of data and insights that our users need to access in order to make critical security decisions."
NetQuest and ElastiFlow will be presenting a product demonstration at this week’s RSA Conference in San Francisco. The joint application streams intelligence from encrypted TLS and QUIC traffic links operating at 100G. The NetQuest Streaming Network Sensor generates unsampled flow records accounting for 100% of encrypted traffic conversations including insightful metadata unique to the encryption protocol in use. The metadata is transformed and enriched by the ElastiFlow Unified Flow Collector for analysis and real-time threat hunting in the Elastic security stack.
Find out more information about NetQuest’s Streaming Network Sensors at: https://netquestcorp.com/products/streaming-network-sensors
Find out more information about ElastiFlow’s Unified Flow Collector at: https://www.elastiflow.com/product
About NetQuest
NetQuest designs, manufactures and markets advanced cyber intelligence solutions to network service providers, large enterprises and government agencies for national defense and network security applications. Founded in 1987 and based in Mount Laurel, New Jersey, NetQuest is an employee-owned business. With a 30-year track record of providing cutting edge cyber solutions, NetQuest has developed a global customer base, marketing directly and through a network of strategic partners, value-added resellers and representatives.
About ElastiFlow
ElastiFlow delivers the world's most scalable and performant network performance and security analytics solutions. Networks and the people who engineer, deploy and maintain them, are the unsung heroes of the modern world in which we live. Whether for business, healthcare, entertainment or social connection, we all depend on the reliability, performance and security of network infrastructure. With support for over 6700 network traffic attributes from 100s of vendors, ElastiFlow was created to provide the visibility and insights necessary to make this world possible.
“The surge in encrypted traffic is rendering blind most traditional security tools, making this a perfect time for our SNS1000 sensor’s Encrypted Traffic Analysis feature set,” said Jesse Price, CEO of NetQuest Corporation. “We couldn’t be more excited to address one of the most critical network security concerns our customers face: declining visibility into threats.”
With an expanded attack surface and the volume of encrypted traffic on the public internet rising above 80%, SecOps teams require advanced visibility solutions that can help detect threat actors purposely hiding behind standard encryption protocols. Global telecommunications providers are challenged to evolve their network analysis techniques while monitoring a staggering scale of millions of parallel conversations.
The Encrypted Traffic Analysis feature set includes:
· Machine learning and other behavioral based techniques to identify 2,500+ Layer 7 applications in encrypted and evasive traffic flows.
· Protocol-specific intelligence extracted from standard TLS and QUIC handshakes including version information, ciphers and other details from the exchanged encryption certificate.
· Identify flow-based fingerprints such as JA3 and HASSH for matching to known indicators of compromise (IoC).
"As the use of encryption continues to rise, defenders need increased visibility into encrypted network flows to separate legitimate behavior from malicious activity when decryption is not an option," said Rob Cowart, Founder and CEO of ElastiFlow. "This is not just about network traffic analysis, this is about a layering of data and insights that our users need to access in order to make critical security decisions."
NetQuest and ElastiFlow will be presenting a product demonstration at this week’s RSA Conference in San Francisco. The joint application streams intelligence from encrypted TLS and QUIC traffic links operating at 100G. The NetQuest Streaming Network Sensor generates unsampled flow records accounting for 100% of encrypted traffic conversations including insightful metadata unique to the encryption protocol in use. The metadata is transformed and enriched by the ElastiFlow Unified Flow Collector for analysis and real-time threat hunting in the Elastic security stack.
Find out more information about NetQuest’s Streaming Network Sensors at: https://netquestcorp.com/products/streaming-network-sensors
Find out more information about ElastiFlow’s Unified Flow Collector at: https://www.elastiflow.com/product
About NetQuest
NetQuest designs, manufactures and markets advanced cyber intelligence solutions to network service providers, large enterprises and government agencies for national defense and network security applications. Founded in 1987 and based in Mount Laurel, New Jersey, NetQuest is an employee-owned business. With a 30-year track record of providing cutting edge cyber solutions, NetQuest has developed a global customer base, marketing directly and through a network of strategic partners, value-added resellers and representatives.
About ElastiFlow
ElastiFlow delivers the world's most scalable and performant network performance and security analytics solutions. Networks and the people who engineer, deploy and maintain them, are the unsung heroes of the modern world in which we live. Whether for business, healthcare, entertainment or social connection, we all depend on the reliability, performance and security of network infrastructure. With support for over 6700 network traffic attributes from 100s of vendors, ElastiFlow was created to provide the visibility and insights necessary to make this world possible.
Contact
NetQuest Corporation
Zachary Ziobro
856-866-0860
https://netquestcorp.com
Contact
Zachary Ziobro
856-866-0860
https://netquestcorp.com
Categories