When the leadership team at Stamus Networks sat down to discuss our core principles we had to consider not only who we were serving, but why we wanted to support them and how we intend to do it. In cybersecurity people typically fall into one of two opposing groups: red team or blue team. Red team is centered on attacking, and their primary role often involves exercises like penetration testing. The blue team, on the other hand, are tasked with protecting critical assets from threats.
Our product naturally supports the blue team, as our Stamus Security Platform equips defenders with more effective network detection without the noise of a classic intrusion detection system (IDS). The desire to deliver tools to blue team professionals so they can be heroes in their organizations is the driver behind this core principle:
Celebrate the Defenders
The red team tends to get all the attention and glory in the media. This is understandable. The hype in our industry tends to favor attacks, breaches, and frequent news on the growing number of threats. Our founders did not want to feed into this hype or use fear as a tactic to sell or promote our products. Instead, they wanted to provide resources and tools which could be a part of the solution rather than the problem. To do this they developed the Stamus Security Platform, which enables blue team defenders to better monitor their network and identify threats before they can do any damage.
To read co-founder Eric Leblond's interview on celebrating defenders, head over to Global Security Mag.
The red team players are the ones most often glamorized in the media, while being a defender is often a thankless job. In fact, when the blue team does end up in the press, it is usually in conjunction with a breach or some other failure. As a company started by defenders with the goal of supporting other defenders, we at Stamus Networks want to change that.
Our goal is to give credit where credit is due, and make sure that defenders around the world are recognized for their efforts. On any given day, they stop countless attacks. The reality is that most of your co-workers likely wouldn’t know that they are a part of your organization unless they happened to miss something. They are the silent protectors. We want to do our part to tell their stories, since no one else does.
Conclusion
While this principle may seem like a small, self-explanatory value, it is actually a high priority for us. Celebrating the defenders goes beyond just praising them and publicly recognizing the things they do. It is also about providing support and resources to current defenders, while also promoting the job and trying to grow the defender community. It seems like every new computer science student wants to learn how to “hack”, but we want to be part of making defense an attractive, fulfilling, and noble career option as well. Truthfully, we have not practiced this as well as we would’ve liked to up until now, but we plan to change that going forward, and you should see a lot more about this in the coming months.
Network defense isn’t just something we do. It is who we are. And celebrating defenders just comes naturally to us.
To learn more about why Stamus Networks developed this and the other core principles, check out the introduction to this series.