Quad Miners: The Rising Rookie in Network Security
During a security incident investigation, the network engineer of a company notices that certain devices are being crippled by some suspicious traffic. Try as he might, the engineer cannot troubleshoot what exactly is transpiring on the network. Despite having an abundance of security tools, the company is capturing an incomplete record of network activity, making it next to impossible to quickly investigate the issue and determine the root cause.
The above scenario is probably a common occurrence across many organizations today. Currently, when security incidents occur due to an attack by a cracker or an information leak from personnel within the organization, significant clues and data to analyze them are missed. This is because most existing security and network monitoring solutions in the market show only part of the alerts, issue description, and log analysis, preventing a thorough understanding of network behavior or an incident. Had the company in the example above been using Network Blackbox by Quad Miners, it could have resolved and eliminated the threat in no time. A truly next-gen network security solution, the Network Blackbox can process large amounts of bandwidth and collect and analyze full-packet traffic in real time, which makes it easier to track all attacks in a network environment.
The rising rookie in network security solutions, Quad Miners' Network Blackbox applies Suricata rules to detect events and user-defined rules to analyze full packets. Behind this “futuristic iteration of network security” is a group of four visionaries (the Quad) whose association goes back 15 years. Having met each other in their college's network security lab, over time the experts put together their skills at packet mining to redefine the world of network security forever. “While Quad Miners was founded in 2017, the research and development behind the Network Blackbox began as early as 2014, signifying the kind of dedication, passion, and groundwork that went behind Quad Miners,” says Bumjoong (Ven) Park, CEO and co-founder of Quad Miners.
To delve a little more into the Network Blackbox, the solution can process large amounts of traffic per second and recognize up to 400 applications. It can easily integrate with various third-party solutions, APIs, Java Database Connectivity (JDBC), security information and event management (SIEM) tools, APT Sandbox, and more.
In the event of a breach, another unique feature of Network Blackbox that comes to the rescue is the ability to restore a user’s screen so that the security team can check where and what website a user was on without the use of forensics. Moreover, keeping in mind that the global security market is increasingly leveraging big data and machine learning, where the data integration of the contents of a packet emerges as a necessity, Quad Miners offers full packet data integration. “To analyze and save packets quickly, we also design and develop our own database,” mentions Park.
What speaks for itself about Quad Miners’ superior value proposition is their list of esteemed clientele that comprises industry bigwigs such as Samsung Display, the Shinhan Bank, Starbucks Korea, Gyeonggi Provincial Government, Korea Airports Corporation, and many more. To give a deeper understanding of their solution, Park recalls a case in point where a reputable global company was facing serious security problems as sensitive information was being leaked out by personnel within the company. The company used a combination of webmail, in-house messenger, data loss prevention strategies, and a forensic solution, yet failed to fully identify the leaks. However, enter Network Blackbox, and the single solution was equivalent to four, saving full-packet traffic into distributed database nodes in a scaled-out fashion. Quad Miners' state-of-the-art database was able to store three months of full-packet traffic, and using it the client could fully analyze traffic in real time and take rapid actions against security issues.
Another engaging customer success story is that of a large-sized financial company. They were trying to detect fraudulent activities using a SIEM system but received an incomplete picture of network activity. With Network Blackbox, the client was able to establish a next-generation fraud detection system, collect full-packet traffic, and analyze transactions based on the traffic. In case of a breach or detection of suspicious activity, the client could drill down to the network packets to pinpoint precisely what took place, eliminating guesswork, and taking remedial action much faster. “The implementation was such a hit that other domestic clients and overseas branches of the company are now considering Network Blackbox,” states Park.
Quad Miners’ client success rate is growing with each passing year and they have their eyes on even bigger milestones. The company is looking at further expanding its footprint in Singapore and Japan. Innovation will continue to be the name of the game for the company as is evident from the cloud-based beta version of Network Blackbox, which they are currently working on. “We believe this will be the world's first cloud-based full-packet inspection technology that will integrate various network security solutions into one,” mentions Park.
All in all, on combining Quad Miners’ journey so far with their future endeavors in progress, it can be said beyond any doubt that the pictogram of a shovel in their logo and what it stands for is clearly an apt representation of the company: patience, effort, and digging deep into the security landscape.