In developing our core principles, the leadership team at Stamus Networks discussed the way we view technology internally, how we ideate the development of our commercial technologies, and how those technologies are used within the information security industry as a whole. We noticed that sometimes companies apply technologies for problems that would have been solved more effectively in a different way. As I described in an earlier post, we strive to deliver the most useful detection possible. In order to achieve that objective, we routinely make very deliberate and practical technology choices. Examples like this helped us identify our third core principle:
Apply the right technology to the right problem
We practice this principle in two ways. First, we look for simple technology solutions that help us streamline our daily operations. For example, rather than using email for our daily internal communications, we use a more efficient channel-based messaging system. We have found that using technology for its intended purpose is nearly always the better option than trying to make a single platform a “one size fits all” solution. Decisions like this may require us to learn multiple systems, but – at least for us – the decision to use a purpose-built tool pays off quickly by making us more effective and efficient.
The second way we apply this principle is arguably even more important. To preface, it is not uncommon to see businesses in the cybersecurity space hyping up certain technologies as the most effective way to defend the network. We work hard to avoid hype and exaggeration [include hyperlink], so we prefer not to create a “one size fits all” solution. For example, the use of machine learning in threat detection is incredibly effective in certain situations, but is not so useful – and in some cases, incredibly ineffective – in others. Rather than use a single technology for all of our detection, we choose to apply different detection engines to the problems they are best suited to solve.
We even apply this principle to our customer relationships. For example, we recognize that our platform may not always be the best solution for every customer problem. While we work relentlessly to deliver the best network-based detection possible, you won’t see us claim to be an effective solution for another realm in the cyber world like information security. We know our lane, and we stay in it – working to improve the capabilities of our platform to better solve the problems that can be uncovered by closely examining network traffic. By providing the right tool for the right problem, we can present a much more effective offering.
Finally, we also provide free, open-source network security solutions that may be well- suited for some organizations and some particular applications, and we recommend those solutions when we see a good fit. If you are a smaller organization, or new to cyber security and learning how different tools work, you should absolutely take a look at our SELKS platform.
Conclusion
You may have noticed by now that our core principles tend to fit a theme. And they all seem to point back to the first two: “Deliver the most useful detection, period” and “Show respect and integrity in everything that we do”. The core principle described in this article builds upon those first two, and offers an example of how we apply those principles in our daily work.
To learn more about why we developed these core principles in the first place, read the introduction to this series.