skip to Main Content

SS8 Unveils BreachDetect: A Time Machine for Detecting and Forecasting Data Breaches

Proven with the World’s Top Intelligence Agencies and Built for Today’s Enterprises

MILPITAS, Calif., June 1, 2016 — SS8 today unveiled BreachDetect, a “time machine” for data breach detection that uses new methods of network visibility, learning and automation to accelerate and simplify the breach-hunting journey – past, present and future.

SS8 BreachDetect takes investigation-grade communications analytics, proven with the world’s largest intelligence agencies to find the suspect-of-interest (SOI), and provides a solution for enterprises such as Chenega Corporation and Landmark Ventures to quickly and easily identify the compromised device-of-interest (DOI). The solution generates and stores months, and even years, of enriched High-Definition Records (HDRs) from communications flows, which are analyzed in real-time against past, current and future network activity to find unidentified breaches.

“Targeted attacks know how to hide from preventative tools, but they can’t hide from the network, by design they need it to get out. This is the level of detection we need,” said Rick Kessler, CIO of Chenega Corporation. “Immediately after deploying SS8 BreachDetect we had identified malicious behavior on our network and could pinpoint the device in question to take it offline and avoid data exfiltration.”

Application Intelligence from Protocol Extraction
SS8 BreachDetect uses high-performance, application-aware software sensors that deploy passively on the customer network to generate HDRs. Each sensor decodes more than 1,000 protocols, and can process up to 10 million HDRs per-second on a multi-gigabit class network. Unlike NetFlow technology, SS8 HDRs include critical application-layer and identity intelligence that is necessary for pinpointing the DOI by eliminating any network obfuscation and “dwell time” after a threat has become weaponized.

“The network has become a focal point for understanding data breach behavior as attacks remain elusive and go undetected for hundreds of days,” said David Monahan, research director for EMA. “SS8 is giving enterprises a solution that provides the deep network visibility needed to identify potential anomalies and compromised devices.”

Learning Analytics Accelerates Future Breach Detection Time
SS8 BreachDetect includes a Learning Analytics engine that enriches, analyzes, learns, and matches HDR data with user, device and threat intelligence information. Deployed in the cloud or at the customer location, the data can be stored for years for retrospective analysis. Unlike network DVRs, SS8 Learning Analytics gets smarter the longer it operates to improve breach behavior forecasting on the network.

Automated Discovery Says ‘Goodbye’ to Manual Hunting
EMA’s High-Fidelity Research Project found that 86% of security professionals today believe it is important or very important to automate the tasks, actions, and/or analysis in achieving network breach detection. The Automated Discovery capabilities included with SS8 BreachDetect come from years working with cyber investigators in intelligence agencies and provide the enterprise security analyst a simplified, automated workflow that takes the guesswork out of hunting for breaches. Automated Discovery includes an easy-to-use dashboard with color-coded Kanban-style threat panel, eliminating any need to sift through massive amounts of log data and threat intelligence feeds to find a device-of-interest.

“We get smarter about security every day, and while that knowledge helps us stop the known attacks, it doesn’t account for the breaches that went undetected,” said Faizel Lakhani, president and COO of SS8. “What’s needed in today’s complicated breach lifecycle is the ability to not only turn back the clock to uncover the unknown threats, but analyze the past to better forecast for new breaches. This time machine for breach detection takes our expertise in extracting intelligence from communications and delivers it to the enterprise to uncover the unknown threat.”

Pricing and Availability
SS8 BreachDetect is available today as a monthly subscription based on 1) the monthly average throughput of the network being analyzed, and 2) the number of months desired for retrospection. Sensors are free with no deployment limitations. A two-week Risk Assessment is available to highlight network anomalies and potential breaches based on a customer’s real-world network traffic.

About SS8
SS8 is a time machine for breach detection. SS8 applies today’s knowledge to history to find breaches now that you did not know about before. By generating, storing and analyzing months, and even years, of enriched intelligence from all communications flows, SS8 customers benefit from unprecedented content- and context-aware insights that allows them to find the threats that matter most. SS8 is trusted by six of the world’s largest intelligence agencies, five of the 10 largest communications providers and two of the world’s largest critical infrastructure entities. Learn more at