Core CSP (formerly Damballa CSP) is a purpose-built security system designed to monitor Internet Service Provider and telecommunications subscribers for cyber threats. This lightweight, scalable service provider solution passively monitors extremely large networks and identifies malicious activity on a subscriber network originating from PC, tablet and mobile devices.
The Challenge of Protecting Large Networks
Internet Service Providers (ISPs) and telecommunications companies are increasingly fending off cyber threats that are hijacking bandwidth capabilities. Additionally, these attacks are putting their subscribers at risk of having their credentials stolen, falling victim to fraudulent transactions, or having their devices commandeered and used for cryptomining, botnets, or other persistent attacks. DDoS attacks, often committed by botnets, are particularly problematic, since they consume bandwidth with floods of requests, disrupting normal traffic or crashing the infrastructure entirely. Threat actors utilize service provider networks as a way to access any number of unsuspecting targets. With more smart devices than ever, subscribers often rely on their service providers to keep them safe from cybercrime.
Passive Monitoring for Actionable Information
Core CSP passively monitors sizeable, service provider scale networks, identifying infections with certainty and providing service providers with insight into the malicious activity originating in their network. Core CSP sits out-of-band inside the service provider’s network, leveraging more than 12 years of historical passive DNS based threat intelligence to monitor DNS requests from subscribers’ IP addresses for the presence of advanced malware.
Get maximum visibility into threat activity, with information like threat names and intents, infected subscribers, malicious DNS queries, and more. Users can also track trends like malicious activity by country, infections over time, or unique threats discovered. With this evidence, service providers can move quickly, notifying subscribers, enabling faster remediation and reducing dwell time.
Maximize Subscriber Protection and Service
By working out-of-band inside the service provider's network, Core CSP won't clog bandwidth or impede network performance, ensuring subscribers still get the fastest service possible. Further, working out-of-band makes Core CSP undetectable by criminal entities trying to evade detection, allowing you to gain the upper hand by gathering information on their techniques so that you can take both short term measures to stop them from doing damage, as well as long term measures to ensure these techniques don't work in the future.
Subscriber experience is also prioritized, with a number of options for how to best notify subscribers of an infection, including email or in-browser. Additionally, Core CSP identifies threats without compromising users’ Personally Identifiable Information (PII). Subscribers can have complete peace of mind with confidence in their security, without feeling like their privacy is being invaded.
Identify compromised subscribers
Sensors are placed in key locations within your subscriber access network. They listen to passive DNS traffic to pinpoint compromised subscriber IP addresses.
Global threat intelligence to your devices
Advanced data science and machine learning systems regulate, correlate, and predict infections and threat actors to continuously improve your security.
Valuable insight to shorten dwell time
Suspicious and malicious evidence is displayed at the management console in dashboards, and can be aggregated to generate executive, health check, and threat trend reports.
Business class service
Purpose built for communication service providers, Core CSP enables these large enterprises to protect their bandwidth capabilities and shield subscribers from malware and advanced threats.
How Can Your Enterprise from Benefit from Core CSP?
Core CSP does more than protect your bandwidth and reduce the risk of damage to your subscribers’ devices and sensitive information. It reduces the risk of poor customer relationships, a damaged reputation, and the loss of subscribers. It also prevents the need for a drastic increase in cost of both time and money that arises when having to investigate the numerous inquiries launched into allegations of fraudulent data and SMS usage charges due to excessive traffic from malicious infections. With Core CSP identifying infections with certainty, service providers can immediately notify subscribers, reducing exposure to risk, increasing customer goodwill, and providing opportunities for rectification.
Enrich Core CSP with Integrations
Core CSP allows service providers to streamline their security by integrating with other solutions, like SIEMS, other logging systems, or remediation tools. Organizations have an increasing number of solutions, so enabling centralization through integration allows security analysts to act even faster.
Divider text here