Blog

Introducing Threat Detection as an SDK

A Ground-Breaking New Solution for Tighter IDS Integration with Higher Performance

In a relatively short timeframe, the networking landscape has undergone a huge transformation with users and devices moving out of the office as data, applications, and infrastructure have moved to the cloud. To secure this new world, cybersecurity solutions have also migrated to the cloud and they have taken essential security components with them. This includes network-based intrusion detection systems (IDS).

Already an essential element in the network security toolbox, IDS has become even more important as traditional network perimeters – and perimeter defenses – disappear. However, conventional IDS was not natively engineered to meet the scalability and performance demands of the cloud or multifunction security solutions such as UTMs, nor to natively recognize the vast array of applications and protocols used in today’s hybrid IoT/IT, everything-as-a-service world.

As cyber attacks become more sophisticated, cybersecurity solution developers need a new approach to IDS that meets all of today’s technical and functional threat detection needs.

The answer is the groundbreaking Enea Qosmos Threat Detection SDK (TD SDK). Designed with cybersecurity software developers in mind, Qosmos TD SDK is a new type of threat detection tool. It embeds core functionalities from the industry’s best-in-breed IDS, Suricata, in a software development kit (SDK) that tightly integrates with the industry’s best-in-breed traffic visibility engine, Enea Qosmos ixEngine. With this integration, double packet processing is eliminated, parsing speed is accelerated, and traffic insights are vastly expanded to fuel next-generation threat detection and custom rule development.

The result is a threat detection engine that boasts higher technical and functional performance than open source IDS, fewer false negatives, improved accuracy, adaptability, scalability and simplified distribution.

Enea Qosmos TD SDK Benefits:

  • Tight Integration into 3rd Party Software

Delivered as a software component (SDK) with an IDS solutions-based approach, Qosmos TD SDK enables easy and tight integration into encompassing cybersecurity solutions while remaining flexible and scalable.

  • Up to 2x Better Performance

Qosmos TD SDK eliminates double packet processing for deep packet inspection (DPI) and IDS, optimizing resources and streamlining overheads. Thanks to Enea’s Qosmos ixEngine packet acquisition and parsing library, parsing speed is accelerated, and traffic insights are vastly expanded to fuel next-generation threat detection and custom rule development. There is much higher native throughput than traditional IDS, resulting in important functional performance gains.

  • Fewer False Negatives & False Positives

Full traffic visibility, even in encrypted traffic, better parsers, and the ability to customize rulesets reduces the number of false negatives and false positives, delivering more accurate and rapid threat detection.

  • Plug & Play Rulesets

Qosmos TD SDK supports standard rulesets with Suricata syntax, facilitating deployment. Qosmos ixEngine metadata is made available in rules syntax further improving threat detection while simplifying integration.

 

Enea Qosmos Threat Detection SDK helps cybersecurity software developers achieve the extreme scalability, performance, accuracy and innovation required for success in today’s network landscape.

Find out more about Enea’s Qosmos TD SDK:

Related insights

State of Network Threat Detection Report

On-Demand Webinar: 2024 State of Network Threat Detection: Enabling Security to Keep Up with Business & Network Transformations

Read more

Tags: AI, Cloud Security, Cybersecurity, Deep Packet Inspection, Intrusion Detection, Security, Threat Detection

Why Custocy Chose Enea's DPI & Threat Detection Technology for its AI NDR Solution

Why Custocy Chose Enea’s DPI & Threat Detection Technology for its AI NDR Solution

Read more

Tags: AI, Cybersecurity, IDS, Intrusion Detection, NDR, NIDS, Threat Detection

State of Network Threat Detection Report

2024 State of Network Threat Detection Report

Read more

Tags: AI, Cybersecurity, Deep Packet Inspection, IDS, Intrusion Detection, NDR, Network Security, NIDS, Threat Detection

Custocy Presents Their Pioneering AI NDR & How Enea’s Next-Gen DPI Boosts Their Solution Performance

Custocy Presents Their Pioneering AI NDR & How Enea’s Next-Gen DPI Boosts Their Solution Performance

Read more

Tags: AI, Cybersecurity, IDS, Intrusion Detection, NDR, NIDS, Threat Detection

How Can Solution Vendors Raise Network Detection and Response (NDR) Performance to Secure Market Share?

How Can Solution Vendors Raise Network Detection and Response (NDR) Performance to Secure Market Share?

Read more

Tags: AI, Cybersecurity, IDS, Intrusion Detection, NDR, NIDS, Threat Detection