_
How Custocy and Enea have redefined network intrusion detection with a high-performance NDR

September 25, 2024
Cybersecurity - Artificial Intelligence - Security network

As cyber threats continue to evolve, Network Detection and Response (NDR) solutions have become a cornerstone of any robust cyber defense strategy. The partnership between Custocy, a French expert in AI applied to network security, and Enea, a global leader in telecommunications and cybersecurity software, aims to deliver a high-performance sovereign NDR solution. This technological alliance combines Custocy’s AI engine with Enea’s deep packet inspection (DPI) engine and intrusion detection (IDS) software development kit (SDK). 

An NDR built on a unique collaborative AI approach

Custocy stands out in the cybersecurity market with its innovative approach to network intrusion detection, powered by its MetaLearner AI engine. Developed over five years in close collaboration with LAAS-CNRS, this system orchestrates a community of AI models that collaborate across multiple time scales to detect different types of threats, both short and persistent over time. This layered architecture allows real-time network monitoring, and the detection of intrusions, often overlooked by other tools.

The robust technology behind Custocy’s NDR ensures a high level of detection accuracy. Analysts are only alerted in the event of a confirmed threat, significantly reducing false positives—a common challenge in cybersecurity solutions. Moreover, alerts are accompanied by a severity score and a clear visualisation of the attack path, enabling analysts to investigate quickly.

Winner of the i-NOV innovation label as part of the French government’s France 2030 plan, Custocy’s unique approach has established it as a French leader in advanced AI-powered threat detection. In May 2024, the Custocy NDR was awarded “Product of the Year” at the Cyber Show Paris.

The METALEARNER, the technological heart of Custocy

Enea’s next-generation DPI and IDS: a major asset for Custocy’s NDR

To provide an NDR platform on par with the world’s leading network intrusion detection solutions, Custocy chose to partner with Enea.

Enea’s deep packet inspection (DPI) engine, the Qosmos ixEngine, a longstanding leader in the cybersecurity industry, is renowned for offering exceptional visibility into network traffic by recognising over 4,500 protocols and providing 5,900 metadata points. This delivers rich, reliable data that Custocy’s AI processes in real-time—an invaluable fuel for refining the detection accuracy of potential threats within the network flows.

Enea also delivers its software-based intrusion detection (IDS) engine, the Qosmos threat Detection Software Development kit (TD SDK), which incorporates core functionalities from the industry’s leading IDS, Suricata, and integrates tightly with the Enea Qosmos ixEngine for traffic visibility. It significantly boosts performance by eliminating double packet processing for DPI, thus optimising resources and speeding up the analysis process.

In this interview, William Ritchie, CTO of Custocy, presents the company’s pioneering artificial intelligence (AI)-powered Network Detection & Response (NDR) platform and why they chose Enea’s next generation deep packet inspection (DPI) technology to help boost accuracy and performance.

A strategic collaboration to address cybersecurity challenges

As AI-based attacks rise, the demand for advanced threat detection solutions has never been higher. The Custocy-Enea duo provides a comprehensive, detailed view of network traffic, enabling precise detection of even the weakest attack signals and combatting increasingly sophisticated emerging threats.

This technological alliance positions a cutting-edge NDR on the cybersecurity market, offering advanced AI capabilities that address the challenges faced by both public and private critical infrastructures. By combining their strengths, these two European players provide a sovereign, innovative solution to meet the growing demands of the European and global markets.

Custocy’s NDR platform is available in a SaaS model through its network of ESN and MSSP partners.

Sébastien Sivignon, CEO of Custocy, highlights the importance of this collaboration: “We are thrilled to join forces with Enea to offer our customers the highest level of network intrusion detection. The Enea Qosmos ixEngine is the industry gold standard for network traffic data. It offers a level of accuracy and depth conventional DPI and packet sniffing tools cannot match. Having such a rich source of clean, well-structured, ready-to-use data will enable us to dramatically improve our performance, work more efficiently.” 

Speaking for Enea, Jean-Pierre Coury, SVP Embedded Security Business Group, stated: “Custocy has developed their solution from the ground up to exploit the unique potential of AI to enhance advanced threat detection and security operations. AI is truly woven in their DNA, and I look forward to the additional value they will deliver to their customers as they leverage the enhanced data foundation delivered by Enea software to support their continuous AI innovation.”