Summary: QoSient and a DHS independent SOC have been working together on an innovative pilot program called “Elimination of Unmonitored Space” (EUS) that strives to detect and respond to internal cyber threats through pervasive network sensing and sense-making in an enterprise network. Modeled after the NSA’s Integrated Active Cyber Defense (IACD) architecture and the US DoD CENTAUR / Acropolis programs, the effort has developed a strategy for scalable development and deployment of new predictive cyber security analytics. In this presentation, we will present our approach to developing comprehensive network sensing at the endpoint and how centralized / regionalized analytic systems can manage the data and analytics needed to develop operational site-specific predictive analytics. We believe that the shift to remote computing will push the need for awareness and predictive analytics at the endpoint and a new approach for cyber defense.
