We wanted to share with you some insight from the 50M+ security events that originated from our customers’ networks last week. We reported different security event invariants that were confirmed to be true positives and how they fit within a global, multi-domain context. The data and several interesting graphs can be obtained at https://www.metaflows.com/stats
For example, the top OpenAppIDs that were the best predictors of a compromise last week are shown below. Interestingly, we also detected that the google_update OpenAppID predicts with fifty percent (50%) accuracy malware activity designed to evade application firewalls. Remember, these are actual measurements across 50M+ records. As a result, they should be relevant to any network.
Below is a visualization of the IDS rules with greater than 95% accuracy last week. Please visit our stats page at https://www.metaflows.com/stats/ for more detailed information.
MetaFlows offers a compelling product that will provide an unprecedented level of protection to any network. If you decide to run a trial, in addition to automated incident reports with extremely low false positive rates, you will also get a personalized multi-domain report for the events found on your network.