Cyber Security Insights for Resilient Digital Defence

Integrity360 launches Managed dSOC Services

Integrity360, a pan-European cyber security specialist, today announced the launch of its Managed dSOC Services, an advanced security monitoring solution powered by Darktrace's AI-driven technology and Integrity360’s cyber security expertise. The partnership allows Darktrace customers to gain access to an expert team dedicated to ensuring continuous, real-time monitoring, with around-the-clock expertise that internal teams may lack and to fully optimise and benefit from the capabilities of the platform. The Managed dSOC Services are tailored to support businesses with proactive threat detection, rapid incident response, and continuous optimisation of their security investments, ensuring comprehensive protection against constantly evolving threats. According to a recent report from Gartner, organisations that do not optimise and manage their cyber security solutions effectively may see a 30% increase in security incidents over the next three years. Integrity360’s Managed dSOC Service directly addresses this challenge by offering a fully managed service that takes the burden off internal teams, allowing businesses to focus on growth while ensuring optimal protection. Eloina Pesce, Vice President of Channel, Darktrace, comments, “As organisations look to invest in AI-driven security tools like Darktrace, their internal teams may lack the time or skills to fully leverage them to their greatest benefit. Integrity360’s Managed dSOC fills a crucial gap for those organisations, helping them maximise their cyber security posture and reduce risk. “Not only that, but Integrity360 experts build on the Darktrace ActiveAI Security Platform’s AI-driven detection and response with tailored services like proactive threat hunting and enhanced breach monitoring to provide an even greater level of protection.” For Integrity360’s Darktrace customers, Integrity360’s Managed dSOC Services represent a critical enhancement to their cyber security investment. Darktrace’s platform, powered by advanced AI, offers unparalleled threat detection and real-time security insights. Augmenting this with Integrity360’s service capacity and expertise to fully manage the system will help organisations harness the platform’s full potential. Companies with a managed service like Managed dSOC will experience enhanced security optimisation, increasing further their return on investment from their Darktrace platform. Integrity360’s Managed dSOC enables customers to fully capitalise on the benefits of their Darktrace investment, from 24/7 active monitoring to bespoke reporting and continuous AI model optimisation, ensuring clients not only detect threats in real time but also respond swiftly and strategically. With Integrity360’s specialised support, organisations can rest assured that their Darktrace environment is optimally configured, continually adapting to emerging cyber threats, and delivering maximum risk reduction. “Through our partnership with Darktrace, we’re bringing an unmatched level of expertise and proactive support to our clients, allowing them to unlock the full potential of their cyber security investment,” says Brian Martin, Director of Product Management at Integrity360. “Nobody else can extract the same level of value out of the investment that we can, with this level of service and expertise underpinning it 24x7. Our Managed dSOC service suite brings this additional value within reach of all organisations irrespective of size, resources, or skill levels.” The Managed dSOC service goes beyond traditional security operations by not only managing day-to-day monitoring, but also providing ongoing tuning and optimisation, incident support, and threat analysis to keep clients’ defences agile and aligned with current threats. Integrity360’s Managed dSOC Services are available in three distinct tiers:• Managed dSOC: Core operational monitoring and breach detection, with daily reports for complete visibility and monthly health check• Managed dSOC+: Adds 24/7 active monitoring, high-value asset tagging, and periodic threat reviews for a more robust approach to security• Managed dSOC + MDR: Delivers advanced capabilities including threat response and proactive threat hunting These flexible options allow businesses to select the level of support they require, from foundational monitoring to advanced threat detection and response, ensuring scalability as needs evolve. Cyber security requires rigorous oversight and constant adaptation to new risks and Integrity360’s Managed dSOC Service addresses a prevalent universal challenge for most organisations: the cyber security skills and resource gap. Integrity360’s dedicated team of Darktrace experts ensures that every deployment is tailored to the client’s specific needs, refining configurations and implementing high-value security protocols to reduce exposure and enhance incident management. As threats like ransomware, advanced phishing attacks, and supply chain compromises continue to surge, Integrity360’s Managed dSOC Services offer an essential service for companies seeking to strengthen their security posture while mitigating the complexity associated with managing AI-driven solutions. Managed dSOC Services represent a critical tool for businesses in high-risk sectors such as finance, healthcare, retail, government, and more, providing a comprehensive solution that combines advanced AI capabilities with expert oversight. By maximising the potential of Darktrace, organisations can minimise risk and confidently protect their critical assets.

Aspire completes acquisition of CloudCoCo

Aspire Technology Solutions, a provider of managed IT, cyber security, and modern workplace technologies, has announced the acquisition of CloudCoCo, an experienced managed service provider headquartered in Leeds. The acquisition marks a strategic advancement in Aspire’s plan to expand its UK presence and further strengthen its ability to deliver managed IT services, robust security solutions, and integrated modern workplace technology to clients across multiple industries, from SME to enterprise. Building on Aspire’s successful acquisition of Cloud Cover IT in January 2024 - which expanded its footprint in Scotland and strengthened its service capabilities - CloudCoCo’s established relationships, skilled team, and expertise in managed IT, cloud, and unified communications will enable the Aspire Group to provide more tailored, responsive services that address the evolving needs of businesses across sectors. The acquisition will bring over £10 million in additional revenue and approximately 300 new customers to Aspire, setting the stage for future growth. Chris Fraser, Aspire CEO and Founder, comments, “While CloudCoCo has undergone a period of structural transition, what truly stood out to us was its strong relationships with its high-quality customer base and the expertise within its team. These strengths align perfectly with our commitment to delivering technology like no other. “This acquisition not only broadens our reach, but also enhances our ability to offer responsive, innovative solutions that meet the evolving needs of our clients. The CloudCoCo team will be an important part of Aspire’s next chapter, and together, we’re ready to make an even greater impact across key UK regions”. Darren Weston, Group Operations Director at CloudCoCo, adds, “Joining Aspire represents an exciting new phase for CloudCoCo. We look forward to working closely with Chris and the team to expand our reach, deliver added value, and provide a wider range of innovative solutions. Aspire’s commitment to excellence aligns well with our own; it’s a powerful collaboration with a trusted UK technology provider that shares our values and goals.” Aspire’s recent £1.7 million reinvestment in its established technology stack, as outlined in its FY24 accounts, reinforces the capabilities of its next-generation Security Operations Centre (SOC) and other critical infrastructure. Supported by LDC, a leading private equity firm known for backing high-growth UK businesses, this underscores Aspire’s dedication to driving innovation and maintaining the highest standards of service. With an expanded presence across Gateshead, Glasgow, London, Stockton, and now Leeds, Aspire is seeking to set new benchmarks in managed IT, cyber security and modern workplace solutions for businesses throughout the UK. For more from Aspire, click here.

Chief Telecom and RETN to enhance DDoS protection

Chief Telecom, a major telecommunications provider in Taiwan offering high-performance data centre services, network solutions, and cloud services, has partnered with RETN, a global network services provider, to leverage RETN’s newly launched DDoS mitigation platform. The solution integrates RETN’s advanced DDoS mitigation technology with Chief Telecom’s strong IP Transit services customer portfolio, offering Chief Telecom’s customers protection against evolving cyber threats while maintaining high-quality, resilient internet connectivity. RETN’s platform provides automated threat detection and mitigation, leveraging machine learning to detect malicious traffic before it reaches the network, ensuring uninterrupted service even during large-scale cyberattacks. In addition, the new platform benefits from RETN’s extensive global network, which connects Europe and Asia, making Taiwan a crucial point in this intercontinental link. The partnership ensures that Chief Telecom can offer businesses in Taiwan robust security features, including volumetric attack protection, application layer defence, and protocol attack mitigation, all supported by a 24/7 Security Operations Centre (SOC) and real-time alerts. Tim Chiang, Vice President of Chief Telecom, says, “By partnering with RETN, we are empowering our customers in Taiwan with world-class DDoS protection and resilient network connectivity. This collaboration ensures that businesses can operate without fear of downtime, even in the face of the most sophisticated cyber threats.” Chief Telecom's Taipei Internet Exchange (TPIX) is one of the largest in Asia, connecting businesses and internet service providers (ISPs) across the region. Chief Telecom plays a key role in ensuring Taiwan’s status as a digital hub, delivering robust connectivity and innovative services to businesses in Taiwan and beyond. As Taiwan grows into a global technology hub with one of the highest internet penetration rates in Asia, businesses face an increasing threat of cyber attacks, especially Distributed Denial of Service (DDoS) attacks. Taiwan’s position as a key gateway for Asia-Pacific internet traffic also increases its exposure to cyber security risks. Chief Telecom thus sought a solution that could provide customers with enhanced DDoS protection, ensuring uninterrupted and secure network services, which are critical for Taiwan’s data-driven economy and high-tech industries. For more from Chief Telecom, click here.

Online event to focus on critical aspects of threat intelligence

ThreatQuotient, a threat intelligence platform innovator, has announced the launch of Cyber Rhino Threat Week, an online event offering key insights from industry leaders and ThreatQuotient executives. Together, they will tackle the most pressing aspects of threat intelligence management. The virtual event will run from 9-13 December and will examine the latest best practices in threat intelligence and addressing the ever-evolving landscape of cyber threats. Throughout the week, cyber security leaders and practitioners from all sectors are invited to attend five dedicated one-hour sessions with multiple registration time options to suit the three regions: the Americas, EMEA and APAC. Each session will focus on different aspects of threat intelligence providing guests with actionable insights and a comprehensive understanding of how to enhance the effectiveness of organisational threat intelligence programmes and initiatives. Commenting on the event, Gigi Schumm, Chief Revenue Officer at ThreatQuotient, says, “Cyber security teams increasingly depend on the strength of collective intelligence, not just to protect their own organisations but their industry and ecosystem of partners. “By equipping ourselves with and sharing the latest threat intelligence and best practices, we can develop strategies to prevent attacks and build industry-wide defences. Cyber Rhino Threat Week exemplifies this effort by gathering top industry insights from key players within the threat intelligence market such as the Head of SOC for Paris 2024, the President and CEO at Cyber Threat Intelligence, the EMEA Executive Director at FS-ISAC and the Technical Director for the National Directorate of Custom Intelligence and Investigations.” This inaugural event underscores ThreatQuotient's commitment to promoting intelligence sharing and collaboration across organisations in order to develop industry-wide responses to cyber threats. With Cyber Rhino Threat Week, ThreatQuotient offers participants a forward-thinking perspective on the future of collective intelligence in cyber security. The sessions featured include special guests and four partners (Dataminr, Team Cymru, Google Cloud and Cybersixgill) who are co-sponsors of the event. For further details and registration, click here. For more from ThreatQuotient, click here.

Espria launches Security Service Edge solution

A new enhanced network security solution has been launched by Espria, a provider of digital workspace solutions. Espria Security Service Edge (SSE) has been designed and developed for any organisation currently using legacy VPN solutions or Always On VPN. Based on Zero Trust principals, Espria SSE replaces the traditional connections to the user's applications, delivering enhanced network security and a seamless user experience that does not compromise on performance or security. Espria thus claims that its Espria SSE is the complete cloud-based solution for workforce access. Brian Sibley, Virtual CTO at Espria comments, “Espria SSE replaces legacy VPNs with ZTNA to minimise the risk of implicit trust and lateral movement and has been designed to reduce the complexity of your existing security estate, as well as cost. With fewer security tools to manage, it means organisations will experience increased efficiency and reduced OpEx. “Furthermore, by leveraging existing Conditional Access policies, organisations will be able to maximise their existing investment in Microsoft tools, while enhancing their security position.” Brian continues, “Cyber security breaches and attacks remain a constant threat for businesses of all sizes. According to the UK Government’s latest Cyber Security Report 2024, half of businesses (50%) and around a third of charities (32%) have reported some form of cyber security breach or attack in the last 12 months. By far the most common type of breach or attack is phishing (84% of businesses and 83% of charities). “Espria's new SSE solution has been launched in response to this rise in attacks, and specifically developed to protect existing investments in Microsoft security solutions. By delivering a solution that unifies an existing security administration, Espria has, for the first time, made available an enhanced security solution that is not only seamless, but cost effective and less complex for users.” Espria SSE is offered in a number of packages dependent on the individual requirement of an organisation. For more from Espria, click here.

Feature - The ways to fight back against rising DDoS attacks

By Tema Hassan, Senior Product Manager at Zayo Europe. One of the most prevalent cyber threats, DDoS (Distributed Denial of Service) attacks target an organisation's online presence by flooding its internet service with traffic, preventing user access. These attacks can entirely disrupt a business’ connectivity and often serve as a smokescreen for more malicious incursions, such as ransomware. You only have to look at the data to see the scale of the issue. Zayo Europe's findings indicate a notable increase in the intensity of DDoS attacks and their impact on businesses from the second half of 2023 to the first half of 2024. On average, a DDoS attack lasted 45 minutes, representing an 18% increase from this time last year. This results in a staggering cost of £4,600 per minute for unprotected organisations, translating to an average of £207,000 per attack. This data alone highlights the severe financial implications of these attacks. Why are DDoS attacks on the rise? DDoS attacks are intensifying for several reasons, one of which, AI, is a double-edged sword. On the one hand, criminals are using AI to make their attacks more sophisticated and bypass traditional defence mechanisms. On the other hand, mitigation platforms can leverage AI to efficiently detect and counter emerging threats. Since DDoS attacks remain a profitable tactic for cybercriminals, businesses can expect these attacks to continue as a harsh reality. Political tensions also appear to be fuelling the increase in DDoS attacks. Government actors and activists frequently use these attacks to make statements or signal intentions. For instance, Imperva's 2024 DDoS report found notable surges in DDoS attacks in Ukraine (519%), Israel (118%), and China (84%). How can businesses protect themselves? While it’s not possible to prevent criminals from targeting businesses with DDoS attacks, the duration of an attack can be minimised to the point where it is nearly imperceptible. This is done via an automated redirect of traffic to a system known as a ‘DDoS scrubber’ that ensures that only legitimate traffic passes through. No matter how long or how severe the attack is, a business that takes this zero-tolerance approach will be properly defended. The attack could last for hours - much like those experienced by governments - but the automated DDoS protection will frustrate the attackers as their efforts will have limited impact. So data centre professionals should certainly be suggesting to clients that they invest in increasing their security. A robust network infrastructure is also critical for data centres and their clients to effectively counter DDoS attacks. As traffic increases due to 5G, AI, and other technological advancements, threat detection becomes even more important. Organisations need to rely on agile, modern networks as the backbone for connectivity and security. Data centres must adopt these modern, flexible networks and move away from legacy and outdated technologies that create vulnerabilities. Without a flexible, up-to-date infrastructure, effective security becomes impossible. Don’t wait until it’s too late As the data indicates, cyber crime is on the rise and shows no sign of slowing down any time soon. While certain sectors - such as manufacturing, telecommunications, and government entities - are more at risk, DDoS attacks can affect any digital business. Any organisation that holds sensitive data could become a target, even if the company is early in its digital journey. Waiting to find out if you’ll be targeted is akin to leaving the key in your front door at night. Businesses must be proactive and take the necessary steps to protect the organisation, the employees and clients. Otherwise, they risk discovering first-hand just how devastating DDoS attacks can be. For more from Zayo Europe, click here.

Infinidat launches cyber security awareness campaign

Infinidat, a provider of enterprise storage solutions, marked the beginning of Cybersecurity Awareness Month by kicking off a campaign to raise awareness about the critical need for enterprises to increase their cyber resilience with next-generation data protection and recovery capabilities in the battle against cyberattacks. Throughout the month of October, Infinidat will be contributing to awareness-building efforts across its social media channels about the emergence of cyber resilient storage as the last line of defence against ransomware and malware. “As we embark into Cybersecurity Awareness Month, we’re excited to help enterprises better understand how to incorporate a cyber-centric, recovery-focused strategy with our InfiniSafe capabilities into their overall cybersecurity approach,” says Eric Herzog, CMO at Infinidat. “Cyber attacks have evolved to increasingly target enterprise storage infrastructure. However, the combination of cyber resilience and cyber security closes the gap and vastly improves the ability to mitigate the impact of cyber attacks, especially ransomware. Broader awareness of best practices in cyber resilience and cyber recovery will be one of the crowning achievements of this month dedicated to cyber security.” Protecting data is one of the most critical actions an IT team must do in their data centre today, and expectations for restoring data and backing up data at multi-petabyte scale have changed. IT teams need to increase next-generation data protection capabilities, and there needs to be data integrity and high reliability with 100% availability, which Infinidat provides. Best practices require an enterprise to ensure data validity and near-instantaneous recovery of primary storage and backup repositories, regardless of the size. This accelerates digital disaster recovery when a cyberattack happens. Krista Macomber, Research Director, Cybersecurity at The Futurum Group, comments, “Cyber security is established as a board-level priority. Given that, it is the data that attackers are after. CIOs and CISOs have begun to critically evaluate the cyber resilience of their organisation's enterprise storage implementations. With this in mind, the need for cyber resilience has established new table-stakes criteria within the storage infrastructure. Strategic planning for capabilities, like Infinidat's InfiniSafe Automated Cyber Protection that helps to mitigate data loss and downtime resulting from a cyber incident, has become critical.” Bob Elliott, VP Strategic Alliances, at Mainline Information Systems, adds, “We’re seeing a growing focus on cyber resilience and rapid recovery in enterprise data infrastructure, especially against threats like ransomware. Adopting a recovery-first strategy helps protect businesses from massive cyber attacks. As IT leaders recognise the importance of next-gen data protection, we expect increased adoption of these solutions. In today’s security-driven landscape, boosting cyber resilience is essential for safeguarding storage systems.” Core pillars of next generation data protection in a cyber-first architecture include: immutable snapshots, logical air-gapping, a fenced forensic environment, and near-instantaneous cyber recovery. These dimensions of cyber resilience are available within Infinidat’s core storage operating system. Moreover, the cyber resilient capabilities that complement, utilise, extend and enable these pillars include cyber detection and automated cyber protection. Infinidat’s InfiniSafe suite provides extensive cyber resilience capabilities, including InfiniSafe Cyber Detection and InfiniSafe Automated Cyber Protection (ACP) along with the stack of all the core pillars of next-generation data protection. InfiniSafe provides secure, end-to-end capabilities to orchestrate with existing security solutions to detect, contain, mitigate and recover from a cyber attack. For more from Infinidat, click here.

90% of cybersecurity incidents could be avoided, survey reveals

Organisations are navigating a landscape of mixed emotions as the Network and Information Security Directive 2022/2555 (NIS2) enforcement date approaches. A regulation that's aimed at strengthening cybersecurity across the EU by expanding the scope and increasing the rigour of security requirements, NIS2 goes into effect on 18 October 2024. Veeam Software, the data resilience expert, commissioned a new survey from Censuswide that revealed that only 43% of EMEA IT decision-makers believe NIS2 will significantly enhance EU cybersecurity. This is despite an overwhelming 90% of respondents reporting at least one security incident that the NIS2 directive could have prevented in the past 12 months. Alarmingly, 44% of respondents experienced more than three cyber incidents, with 65% of those categorised as “highly critical”. The survey results, which encompass the views of over 500 IT decision-makers from Belgium, France, Germany, the Netherlands, and the UK, revealed the state of play less than a month before this directive takes effect. Although nearly 80% of businesses are confident in their ability to eventually comply with NIS2 guidelines, up to two-thirds state they will miss this imminent deadline. Barriers to NIS2 compliance Achieving NIS2 compliance requires businesses to implement essential measures, such as defining incident response plans, securing supply chains, assessing vulnerabilities, and evaluating overall security levels. This includes all affiliated organisations, partners, and supply chains. However, several barriers to compliance persist. Key challenges cited by IT decision-makers include technical debt (24%), lack of leadership understanding (23%), and insufficient budget/investments (21%). Notably, 40% of respondents reported decreased IT budgets since the political agreement for NIS2 was proclaimed effective in January 2023, despite its stringent penalties, which are comparable to those of the EU's flagship data privacy legislation, the General Data Protection Regulation (GDPR). 63% of respondents view the GDPR as strict, and 62% express the same sentiment about NIS2. Competitive pressures amid cyberthreats The slow pace of NIS2 adoption is likely due to the multitude of competing priorities and business pressures that face these organisations. Respondents rank NIS2 lower in urgency than 10 other issues, including the skills gap, profitability, and digital transformation. Worryingly, 42% of respondents who consider NIS2 insignificant for EU cybersecurity improvements attribute this to inadequate consequences of non-compliance, which has led to widespread apathy towards the directive. Additional key findings from the survey include: 74% of respondents see NIS2 as beneficial, but 57% doubt it will have any substantial impact on overall EU cybersecurity posture. Sceptics cite additional concerns such as NIS2's lack of comprehensiveness (35%), belief that compliance doesn’t guarantee security (34%), and overlap with existing regulations (25%). Other barriers include a lack of focus on NIS2 compliance (20%), tight timelines (19%), cybersecurity skills shortage (19%), directive complexity (19%), and organisational silos (19%). Despite conflicting views, most respondents perceive NIS2 positively in the context of their organisation's regulatory obligations, feeling optimistic (33%), confident (32%), and encouraged (27%). Andre Troskie, EMEA Field CISO at Veeam, states, “NIS2 brings responsibility for cybersecurity beyond IT teams into the boardroom. While many businesses recognise the importance of this directive, the struggle to comply found in the survey highlights significant systemic issues. The combined pressures of other business priorities and IT challenges can explain the delays, but this does not lessen the urgency. “Given the rising frequency and severity of cyberthreats, the potential benefits of NIS2 in preventing critical incidents and bolstering data resilience can't be overstated. Leadership teams must act swiftly to bridge these gaps and ensure compliance, not just for regulatory sake but to genuinely enhance organisational robustness and safeguard critical data.” For more from Veeam, click here.

Veeam announces integration with Palo Alto Networks

Veeam Software, a data resilience expert, has announced a new integration with Palo Alto Networks, a global cybersecurity specialist, to simplify security operations and strengthen data resilience. This integration addresses the pressing need for organisations to take an integrated approach to protecting their data backups and proactively respond to cyber threats through the capabilities offered by Veeam’s new apps and Palo Alto Networks Cortex XSIAM and Cortex XSOAR. With this new integration, Veeam is the first Palo Alto Networks partner to independently design and develop a data collector, dashboards, and reports for Cortex XSIAM. Dave Russell, SVP of Strategy at Veeam, explains, "Cyber threats are a reality for every single organisation. It takes teamwork to fight this escalating battle against ransomware. We are excited to integrate with Palo Alto Networks to provide customers with capabilities to further strengthen their data resilience. This powerful integration enables our 550,000 customers to better protect their backups and respond to cyberattacks faster, tightening their security posture and helping to ensure reliable, rapid and trusted recovery.” In today's digital landscape, ransomware attacks are on the rise, with 96% specifically targeting an organisation's backups according to the Veeam 2024 Ransomware Trends Report. This alarming reality poses a significant challenge for IT and security leaders worldwide. Traditional tools struggle to scale for large enterprises, resulting in a high volume of alerts and overwhelming manual processes for security teams. To combat these challenges and fulfil customer demand, Veeam and Palo Alto Networks have integrated technology to centralise, scale, and automate data monitoring and incident response. By integrating Palo Alto Networks AI-driven security operations centre (SOC) platform with Veeam's recovery capabilities, organisations can identify and respond to cyberattacks faster, helping to ensure the resilience of their business-critical backup data. "We are thrilled to collaborate with Veeam, empowering organisations to respond and react more quickly to threats facing their critical data," says Pamela Cyr, VP of Technical Partnerships at Palo Alto Networks. "By combining the power of Palo Alto Networks' AI-driven SOC platform with data resilience capabilities from Veeam, we can help customers identify and respond to threats, ensuring the resilience of business-critical data. The new integration demonstrates our shared commitment to providing organisations with tools and technologies that help them proactively combat evolving cyber threats and strengthen their security posture." The integration introduces two new applications – the Veeam apps integrated with Cortex XSIAM and Cortex XSOAR that leverage a bi-directional API connection to monitor, detect, and respond to security incidents impacting critical business data and data backups. The Veeam app integrated with Cortex XSIAM brings data from Veeam Backup & Replication and VeeamONE environments into Cortex XSIAM, providing a centralised view of data and backup security-related activity. The Veeam app, integrated with Cortex XSOAR, enables regular API queries against Veeam Backup & Replication and Veeam ONE, monitoring for significant security events or alerts. Both applications are included at no charge to Veeam Data Platform Advanced and Premium customers. For more from Veeam, click here.

Custocy partners with Enea for AI-based NDR integration

Custocy, a pioneer in artificial intelligence (AI) technologies for cybersecurity, is to embed Enea Qosmos deep packet inspection (DPI) and intrusion detection (IDS) software libraries in its AI-powered network detection and response (NDR) platform. This integration will enable Custocy to improve accuracy and performance and support product differentiation through detailed traffic visibility and streamlined data inspection. Custocy uses layered, multi-temporal AI functions to detect immediate threats as well as persistent attacks. This approach streamlines the work of security analysts through attack path visualisation, improved prioritisation, workflow support and a radical reduction in the number of false-alarm alerts (‘false positives’). By integrating Enea software into its solution, Custocy will have the exceptional traffic data it needs to extend and accelerate this innovation while meeting extreme performance demands. Enea’s deep packet inspection (DPI) engine, the Enea Qosmos ixEngine, is the most widely embedded DPI engine in the cybersecurity industry. While it has long played a vital role in a wide range of security functions, it is increasingly valued by security leaders today for the value it brings to AI innovation. With market-leading recognition of more than 4,500 protocols and delivery of 5,900 metadata, including unique indicators of anomaly, Qosmos ixEngine provides invaluable fuel for AI innovators like Custocy. In addition, the Enea Qosmos Threat Detection SDK delivers a two-fold improvement in product performance by eliminating double packet processing for DPI and IDS, optimising resources and streamlining overheads. And thanks to Enea Qosmos ixEngine’s packet acquisition and parsing library, parsing speed is accelerated while traffic insights are vastly expanded to fuel next-generation threat detection and custom rule development. These enhancements are important, as demand for high-performing NDR solutions has never been higher. NDR plays a pivotal role in detecting unknown and advanced persistent threats (APTs), which is a challenge certain to become even more daunting as threat actors adopt AI tools and techniques. Custocy is well-positioned to help private and public organisations meet this challenge with a unique technological core built on AI that has earned the company a string of awards; the latest being Product of the Year at Cyber Show Paris. Jean-Pierre Coury, SVP Embedded Security Business Group, comments, “Custocy has developed its solution from the ground up to exploit the unique potential of AI to enhance advanced threat detection and security operations. AI is truly woven into the company's DNA, and I look forward to the additional value it will deliver to its customers as they leverage the enhanced data foundation delivered by Enea software to support their continuous AI innovation.” Custocy CEO, Sebastien Sivignon, adds, “We are thrilled to join forces with Enea to offer our customers the highest level of network intrusion detection. The Enea Qosmos ixEngine is the industry gold standard for network traffic data. It offers a level of accuracy and depth conventional DPI and packet sniffing tools cannot match. Having such a rich source of clean, well-structured, ready-to-use data will enable Custocy to dramatically improve its performance, work more efficiently and devote maximum time to AI model innovation.”