What do you get when you cross government grants with some engineering students at an Ivy League university? CounterStorm, a company formed to "productize" security technologies developed under grants from the Defense Advanced Research Projects Agency (DARPA).
At the RSA Conference last week, CounterStorm's Matt Miller (VP of engineering) and Bryan Bain (marketing) told me about the company's newest product: a statistical payload analysis (SPA) engine that's designed to identify cyber crime attacks that target a specific company or industry. According to CounterStorm, intrusion detection and prevention systems can't detect many of these customized attacks, which are on the rise. SPA examines the application layer of the network stack (Layer 7) and "dynamically builds a model for each application, flow direction, and packet size to establish a baseline of normal content usage." Deviations from the norm are a sign of malicious activity.
SPA was developed under grants from the Departments of Homeland Security and Defense to specifically uncover targeted, low-profile attacks. It's available as an add-on for CounterStorm-1 appliance customers and for partner companies that integrate CounterStorm's Active Threat Recognition SDK into their products. You can learn more at http://www.counterstorm.com.
