This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production.
When Boeing acquired Narus in 2010, it was one of the few acquisitions of a Silicon Valley IT security company by a major defense contractor. At the RSA Conference 2014 I caught up with Narus President John Trobough.
Trobough correctly points out that a hot topic at RSAC this year was reducing the time to resolution of a security breach. It is only in the last three years that most enterprises have begun to realize that fending off targeted attacks requires a lot more effort than the typical tasks of security operations.
Configuring firewalls, tuning IPS, and reviewing IDS and SIEM logs on a regular basis is not enough. Continuous network monitoring for unusual behavior is required.
Narus is a 10-year-old company that deployed its technology when “deep packet inspection” was the latest thing. DPI goes a step further than a stateful inspection firewall, it looks at enough of the packet to identify applications, and extract enough meta data to derive intelligence from the network. Meta data is not as voluminous as full packet capture solutions so storage and processing power does not have to be as great.
Trobough says that Narus has been investing heavily in machine learning, even working with 14 universities to establish fellowships. They have tackled the hardest problem in network security analytics which is real time analysis of network traffic.
By applying machine learning and analytics to network traffic the time-to-resolution can be significantly reduced. Many organizations do not even have the technology to detect when a breach has occurred, getting their first notice when Master Card or Visa informs them that they are the source of stolen credit cards being exploited in the market. Of course the goal is to detect the breach and stop the exfiltration of critical data.
Watch my interview with John Trobough to get the complete Narus story.