In 2011, an international pharmaceutical company was hit by cybercriminals who stole 9 years of research data. After other institutes had failed for weeks to resolve the breach, current RedSocks CTO Pepijn Janssen and his team were asked to document the crime and build a body of intelligence against the individuals associated with it. Their successful work caught the interest of other enterprises, so the concepts were developed further, and RedSocks was born in 2012.
Janssen and his team set out to answer the basic question: “How come that, on average, it is taking companies nearly three months (80 days) to discover a malicious breach and then more than four months (123 days) to resolve it?” Their mission was to “cover the blind spots”: to discover the threats that bypass other layers of security and give organizations the visibility they need to hunt for attacks happening inside their networks.
Powerful Security Research
The RedSocks Malware Intelligence Team (RSMIT) is still led by CTO Pepijn Janssen, a cybercrime expert with 15 years of professional experience in (large-scale) digital/internet forensic investigations and IT security (Interpol, Europol and the KLPD, the Dutch National Police Agency). Alongside Janssen, the RSMIT consists of cyber intelligence researchers from the University of Twente who are active in the field of malicious traffic analysis based on NetFlow/IPFIX, experts who have spent years working with cyber threats at KPN and Royal Dutch Shell, and advisors of the Cyber Security Advisory Board (CSAB).
Today RedSocks focuses on real-time analysis and detection of advanced malware threats, leveraging threat intelligence to create advanced malware defenses for companies of all sizes.
The RedSocks Malicious Threat Detector (MTD) is enhanced with a heuristics engine that analyses behavior and complements the existing analysis of network traffic destinations. Thanks to a new high-performance database model, new threats are now detected faster, more flexibly and more effectively than ever. This means the RedSocks MTD already meets the requirements arising from an expected tripling of network traffic over the coming five years.