How Do You Sniff Out Cyber Threats?

I read recently that the nose isn’t very good at maintaining constant awareness of the smells around us; however, it excels at detecting changes in smells. Kind of strange to think about, but it explains how someone can live in a house with a deadly natural gas leak for hours or days and not realize it. This may be a strange thought to start out a blog on cyber security, but thinking about how we relate to the world around us can help to develop new ways to improve the speed, scale, cost, and accessibility of security. So how do you sniff out cyber threats?

On the Scent

Large organizations actively collect log and network traffic data but often fail to establish a good baseline against which to detect changes. Only 18% of large enterprises consider “baselining ‘normal’ behavior” an important objective for their organizations, according to recent research from The Enterprise Strategy Group. With all the talk about machine learning, artificial intelligence, and behavior analysis of network traffic, one of the most basic ways to detect attacks is often overlooked.

Imagine if your company had visibility into a solid baseline of network traffic and could detect changes in that baseline.  Now, imagine bouncing that knowledge against the world of known sources of threats. You’d have a good chance at sniffing out dangerous threats. The cyber community often talks about solving the hard problem of finding a needle in a haystack, or if they are feeling really cheeky, a needle in a stack of needles.  The reality is most companies wouldn’t even see a massive semi-truck sitting in the haystack—because they don’t know the normal shape of the haystack!
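A minimal sketch of that idea, added here as an illustration and not Dark Cubed's code: build a per-host baseline from past flow records, flag what changes today, and check new destinations against a list of known threat sources. The record layout, the `volume_factor` threshold, and all addresses are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample flow records: (day, source host, destination IP, bytes out)
BASELINE_FLOWS = [
    ("d1", "10.0.0.5", "198.51.100.10", 1000), ("d1", "10.0.0.5", "198.51.100.20", 500),
    ("d2", "10.0.0.5", "198.51.100.10", 1200), ("d2", "10.0.0.5", "198.51.100.20", 300),
    ("d1", "10.0.0.9", "198.51.100.10", 2000), ("d2", "10.0.0.9", "198.51.100.10", 2000),
]
TODAY_FLOWS = [
    ("d3", "10.0.0.5", "198.51.100.10", 1100), ("d3", "10.0.0.5", "203.0.113.66", 9000),
    ("d3", "10.0.0.9", "198.51.100.10", 2100), ("d3", "10.0.0.9", "192.0.2.77", 100),
]
THREAT_FEED = {"203.0.113.66"}  # constructed stand-in for a threat intelligence list

def build_baseline(flows):
    """Return (destinations seen per host, mean daily bytes out per host)."""
    dests = defaultdict(set)
    daily = defaultdict(lambda: defaultdict(int))
    for day, src, dst, nbytes in flows:
        dests[src].add(dst)
        daily[src][day] += nbytes
    mean = {src: sum(days.values()) / len(days) for src, days in daily.items()}
    return dests, mean

def detect_changes(baseline, flows, threat_feed, volume_factor=3.0):
    """Compare one day of flows to the baseline and return a list of findings."""
    dests, mean = baseline
    findings, totals, seen = [], defaultdict(int), set()
    for _day, src, dst, nbytes in flows:
        totals[src] += nbytes
        if dst not in dests.get(src, set()) and (src, dst) not in seen:
            seen.add((src, dst))  # report each new host/destination pair once
            kind = "new-destination"
            if dst in threat_feed:
                kind = "new-destination-on-threat-feed"
            findings.append((src, kind, dst))
    for src, total in totals.items():
        if src not in mean:
            # A host never seen before has no "normal" to compare against.
            findings.append((src, "host-without-baseline", total))
        elif total > volume_factor * mean[src]:
            findings.append((src, "volume-spike", total))
    return findings

if __name__ == "__main__":
    for finding in detect_changes(build_baseline(BASELINE_FLOWS), TODAY_FLOWS, THREAT_FEED):
        print(finding)
```

Neither signal alone is decisive here: the new destination for 10.0.0.9 is only a change, while the one for 10.0.0.5 is a change, a threat-feed match, and a volume spike together.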

The blame for this lack of insight does not fall entirely on companies. The cyber security community as a whole is intrinsically drawn to the hardest problems in cyber security, rather than trying to find ways to do the most good as efficiently as possible. If you took your average company—a technology consulting firm, a law office, a rural hospital system, a regional energy company, or the local credit union—and asked them to build a log monitoring and threat intelligence system, the results would be lacking. There is a plethora of tools, both commercial and open source, and plenty of sources of threat intelligence ranging from free to very, very expensive. However, tools alone do not make a good capability.

Sweet Smell of Success

These are the problems that keep the team at Dark Cubed awake at night. Solving these problems is what drives us day in and day out. We are proud to help everyday companies develop a robust capability to understand their baseline of “normal” behavior and take action when an important change occurs. We have developed an approach to collecting and analyzing log data that is affordable, easy to install, and avoids the storage problem that typically comes with collecting massive amounts of data – without requiring companies to sign away their anonymity and privacy by sending all of their data to the cloud.

The Dark Cubed collection process is automatically correlated through a comprehensive, enterprise-grade threat analysis capability that occurs without requiring our customers to lift a finger. Through a patent-pending process that combines threat intelligence analytics, predictive analytics, and community analytics, we help our customers get nearly instant visibility into threats targeting their network—all while allowing complete privacy and anonymity.  The results are presented in a simple intuitive user interface that allows rapid discovery of threats.

Integrating into your company’s existing platforms such as Slack allows for convenient and easy-to-understand notifications. Our streamlined approach to blocking includes both inline blocking and one-click blocking through your company's existing firewall.

What matters to us at Dark Cubed is that we can help every company, large and small, develop a robust capability to understand what normal looks like, when things change from normal, and how to protect what matters most to them.  It makes us incredibly happy to hear our customers tell us that they are enjoying the fresh new smell of relief in the air.


1. http://mentalfloss.com/article/53526/how-do-our-noses-adjust-bad-smells
2. http://www.cisco.com/c/dam/en/us/products/collateral/security/stealthwatch/esg-research-insight.pdf