Stamus Networks

Additional features

Clear Visibility

Monitors activities across the entire network attack surface, providing comprehensive insight to detect threats that other security controls might miss.

Clear Detection (Multi-Layer)

Uses a combination of detection technologies, including AI, machine learning, advanced heuristics, traditional signatures, and IoCs, to offer transparent and understandable threat detections.

Clear Evidence

Provides detailed attack timelines and complete evidentiary artifacts for every security event, aiding in rapid incident resolution.

Explainable, Transparent Results

Shows the underlying detection algorithms and reasoning behind alerts, allowing security teams to fully understand why a threat was flagged.

High-Fidelity Threat Declarations (DoC/DoPV)

Delivers high-confidence "Declarations of Compromise™" (DoC) for serious threats and "Declarations of Policy Violations™" (DoPV) for unauthorized activity, reducing alert fatigue.

SOC Automation & Force Multiplier

Designed to either directly automate threat responses based on high-fidelity declarations or feed rich network data to AI-powered SIEMs for an advanced, automated security operations center.

Open and Extensible Platform

Built on an open architecture (including Suricata) that allows for seamless integration with existing security tools (SIEM, SOAR, EDR) and the ingestion of third-party threat intelligence.

Customizable Threat Detection

Enables organizations to customize threat detection algorithms and even contribute to the underlying code for a tailored defense.

Guided Threat Hunting

Provides intuitive tools and pre-built queries to proactively search for and uncover hidden threats, such as C2 communications, malware, or misconfigurations.

Flexible Deployment

Can be deployed in the cloud or on-premise, with an optional air-gapped deployment for complete data sovereignty.

Scalable for Enterprise Operations

Designed to scale from small standalone instances to multi-site, multi-100Gbps deployments, tracking activity for millions of hosts.

Suricata-based

Leverages the powerful Suricata engine, allowing for integration with existing Suricata sensors or deployment of Stamus Networks' dedicated probes.

Unified Code Base (Community & Enterprise)

Combines their open-source Community edition (formerly SELKS) and Enterprise edition into a single architecture for accelerated innovation and consistent features.

Improved User Interface

Features a redesigned, intuitive, and responsive user interface common across both Community and Enterprise editions for a consistent user experience.

Simplified Installation & Maintenance

Offers easier installation, maintenance, and upgrade processes, including command-line tools like stamusctl.

Rich Network Data Collection

Captures extensive network metadata crucial for comprehensive analysis and threat hunting.