Real-Time Threat Detection for National Security

National security leaders understand that early detection of a cyber attack is essential to keeping our nation protected. Threats are mounting in numbers, sophistication, increased speed, and malicious effects. The Department of Defense has more than 15,000 networks across the globe and must keep pace with—and ahead of—these threats. This is an achievable, but daunting challenge.

Today’s approaches must be smart and adaptable to identify previously known and unknown threats in real time before they manifest into malicious behaviors that cause harm. Intrusion detection can no longer focus primarily on finding specific markers of past threats. It now must analyze anomalous patterns of digital activity from origination to endpoint (at the data packet and port level) that appear to signal malicious intentions, regardless of whether that activity is generated by known threats.

Booz Allen offers this in its active network defense capability, StreamEngine.

To diagnose likely attacks in progress, StreamEngine provides a combination of advanced streaming capabilities that ingest network traffic as it occurs, novel approaches to identify meaningful anomalies in that traffic, and predictive analytics. By incorporating unparalleled processing speeds and advanced analytical capabilities, intrusion detection becomes far more accelerated, efficient, and broader in reach than traditional intrusion detection systems at blocking malicious activity, while weeding out distracting false positives.

After pinpointing abnormal activity, StreamEngine continuously monitors the probability that the ongoing sequence of activity is proceeding toward a malicious outcome and, as that probability escalates to a certain threshold, intervenes with an alert. This powerful predictive capability leads to far faster, more accurate results.