Enea has launched the Enea Qosmos Threat Detection software development kit (SDK). This threat detection system has the potential to double performance in network-based cybersecurity solutions.
The Qosmos Threat Detection SDK enables the integration of Enea’s flagship deep packet inspection (DPI) engine, Qosmos ixEngine, with core intrusion detection system (IDS) capabilities drawn from Suricata, the widely trusted open-source IDS/intrusion prevention system (IPS) solution, significantly enhancing performance and scaling for large, multifunction cloud-based platforms.
The Qosmos Threat Detection SDK facilitates easy integration into third-party software developed by cybersecurity solution vendors, large organisations, and managed service providers, and enables the creation of custom rules tailored to unique network environments. The Qosmos Threat Detection SDK is fully scalable, ensuring customers benefit from simplified licensing, improved accessibility, and optimised operating costs.
Cloud, internet of things (IoT), and remote working have transformed cybersecurity and accelerated the development of cloud-based, multifunction security platforms. These platforms have extreme performance demands and require detailed, real-time traffic visibility based on a far broader range of protocols and applications. By drawing on the DPI-based traffic visibility of Qosmos ixEngine and combining it with core IDS functionalities, Qosmos Threat Detection SDK meets these challenges. It delivers cybersecurity performance improvements up to twofold from traditional IDS/IPS systems. It leverages a single network traffic visibility function, eliminating the need for dual packet processing, and ensures highly efficient network traffic data processing at scale without compromising speed.
The integration with Enea’s Qosmos ixEngine, the de facto industry standard for embedded DPI, delivers superior traffic visibility. In particular, the software development kit enables improved visibility into encrypted and evasive traffic, which, in turn, greatly boosts overall malware and threat detection, and it significantly reduces false positives through improved parsing. Customers can further use this enhanced visibility to improve security performance by creating custom rules tailored to their environments.
The Qosmos Threat Detection SDK was built out of direct feedback and collaboration with customers as a result of a growing need identified in the market. Two leading vendors have already deployed it, with increasing interest from Enea’s customer base.
Commenting on the launch, Jean-Pierre Coury, vice president, Enea Traffic Intelligence, said, “Faced with the performance and scale requirements of today’s cloud-centric, multifunction IT platforms, traditional IDS/IPS systems are falling behind. Enea Qosmos Threat Detection SDK meets these challenges with a threat detection engine delivered in the format of a software development kit capable of tight integration with third-party solutions, easy customisation, and radically improved cybersecurity performance.”
Meanwhile, Roy Chua, founder and principal, AvidThink, said, “Modern cybersecurity models such as zero-trust networking access and extended detection response pivot around DPI, a trusted technology we all know, but one that is evolved to meet the needs of the threat landscape today. A strong DPI engine is central to high-performance threat detection. Not only does it enable visibility into network traffic, but it also provides the intelligence around which to base custom rules that customers can tailor to their specific environments.”