Traffic Analysis and Response Platform
TARP utilizes open-source data about existing risks in addition to our analysis of new ones to be prepared for both known and unknown threats.
Our system uses a hybrid of static analysis and machine learning algorithms in order to keep a constantly updated watch over the data traversing into and out of the network.
Based on data received from our analysis platform, TARP will implement intelligent firewall rules in-between the system and the external web. It will also notify the user when anomalies are detected, allowing enterprise users to diagnose and resolve the problem using their own personnel and resources.
TARP is a holistic incident detection and response platform for mission-critical IoT and ICS systems.
- IoT focused: TARP specifically targets IoT devices, meaning that operations for standard servers and workstations will not be impacted by the integration of TARP into a home or enterprise network.
- Expandable: TARP can grow and shrink to fit any size network.
- Continuous: A disruption in TARP does not mean a disruption in service. IoT devices can utilize normal endpoints in the event of system failure.
- Hybrid analysis: Dozens of commercially available IDS/IPS systems already use machine learning for malware analysis. TARP still utilizes the latest groundbreaking achievements in machine learning, but diverges from the norm by also integrating static analysis of packet contents. This hardens our IoT networks against a variety of common threats and attacks.
- Trusted sources: Our static analysis incorporates malicious address data from institutions such as Google and SANS.
- GeoIP integration: TARP dynamically determines the country of origin for each device based on hardware data, allowing us to determine regions of the world we could normally expect devices to be contacting for updates, etc.
- TARP uses no third-party servers or hardware, meaning that it can be brought into a classified environment on classified systems.
- Cheap: The current iteration of TARP is cheap. Very cheap.
- By introducing a honeynet into our IoT security solution, organizations can observe attacker behavior while maintaining their network's security by quarantining bad actors.
- Spencer Hanson
- Nicholas Zimmerer
- Ryan Craig
- Jonathan Meade