
Clear NDR (formerly Stamus Security Platform) is an open and transparent Network Detection and Response (NDR) system that delivers: 

    • Clear Visibility - monitor activities across your entire attack surface
    • Clear Detection - transparent multilayer detections you can understand
    • Clear Evidence - everything you need to quickly resolve the incident
    • Clear Response - the confidence you need to automate your response

 

Can be deployed as a standalone NDR or integrated into an AI-enabled autonomous SOC

Clear NDR uses multi-layered transparent detection and response technologies — supported by extensive metadata and evidence.


A Critical Component of the AI-Powered Autonomous SOC

Clear NDR drives automation directly


Automate your threat response with high-fidelity declarations of compromise and policy violations based on multiple detection mechanisms — including artificial intelligence, machine learning, and advanced heuristics, as well as traditional signatures and IoCs.

Clear NDR feeds network data to AI-powered SIEM


Combine powerful and efficient network insights from Clear NDR with endpoint and other data in your AI-powered SIEM for a more complete picture of your enterprise and advanced AI-enabled threat detection and response.

Clear NDR in-cloud or on-premise – or both

Clear NDR consists of two components: Clear NDR Probe(s)™ and Clear NDR Central Server™, both of which may be deployed in private cloud, public cloud, on-premise, or hybrid environments.


 

Your network "perimeter" has expanded dramatically and so has your attack surface. In order to eliminate blind spots, it is crucial to monitor the network for east-west and north-south traffic at all these sites. Clear NDR™ - Enterprise is designed to do just that.

 

 

Clear NDR Probes™

Clear NDR Probes inspect and analyze all network traffic using deep packet inspection (DPI) to perform real-time threat detection, enrich the resulting events with extensive metadata, and capture network protocol transactions, flow data, extracted files, and full packet capture (PCAPs).

The probe delivers all this data to the Clear NDR Central Server™ for additional analytics, processing, and another layer of threat detection.

 

Clear NDR Central Server™

Clear NDR Central Server provides the centralized management of the probes, third party threat intelligence and rulesets, consolidated event storage and a central integration point.

It includes an additional layer of machine learning and algorithmic threat detection, along with automated event triage – enabled by tagging and classification. Finally, the Clear NDR Central Server provides a powerful threat hunting and incident investigation user interface.

 


Optimized Detection Technologies

Multiple detection mechanisms are required because no single technology can detect all threats


Artificial intelligence, machine learning, and statistical anomaly detection


Traditional signature and indicator of compromise detections


Advanced heuristics and additional algorithmic detections

Why Clear NDR™ - Enterprise?

High-fidelity threat declarations

By using multiple detection technologies and guided threat hunting you'll uncover even the weakest attack signals and unauthorized activities while minimizing false positives and alert fatigue.

Optional air-gapped deployment

Optionally deploy our central analytics system on your premises or in your datacenter – even in a completely air-gapped environment for total data sovereignty.

Use our probes and/or your Suricata sensors

Want to supercharge your existing Suricata deployment? Start with your Suricata sensors while you transition to the more advanced Stamus Network Probes.

Transparent detections with detailed evidence

Understand exactly what triggered an event with a detailed attack timeline along with all the evidence needed to respond quickly and stop a breach before damage is done.

Open and extensible for your environment

Augment built-in detections with third party threat intel and signatures or develop your own custom detections (signatures or detection-as-code). Easily integrate into your security tech stack.

Built for enterprise-scale operations

Scales from a small stand-alone instance to multi-site, multi-100Gbps deployments integrated into your SOC/SIEM/SOAR while tracking activity of millions of hosts.

Simple and Straightforward Licensing

Software for your cloud, virtual machine, virtual appliance, or Stamus Networks Appliance

The annual software license is based on the line rate of the monitored probe connection. Licenses are available in increments of 1G, 10G, 40G, and 100G.

Each License Includes: 

  • Daily threat intelligence updates
  • Weekly summary of threat intel update reports
  • Technical support
  • Software updates, usually 4 each year including new features
  • Single License for probe and central server

 

NOTE: There is no additional charge for API access, integrations, number of users, or number of endpoints

 
