There is a problem in the security industry. It isn’t caused by a lack of detection capabilities or of security tools able to detect threats. It is the inability of security vendors to deliver reliable information to their customers in a timely manner. The centralized security industry–the multitude of security vendors selling tools and intelligence to protect organizations–is fighting a cyber war against an enemy that is decentralized and continually evolving. The security vendors we rely on are simply unable to collect, store, and analyze enough security information to protect every customer against every threat. This is a resource problem: centralized security vendors can only afford to hire a limited number of security analysts, and they don’t have the bandwidth to monitor every global attack across every network. It is akin to fighting an asymmetric battle with defenses not built to protect against evolving threats.
The solution is Truss Security, a decentralized security defense network. Truss Security is supported by decentralized security researchers and analysts, each focused on their unique skill set. This decentralized network enables organizations to build their defenses around the specific use cases and protections they need by purchasing alert and detection rules directly from the researchers and analysts who produce them. As a result, organizations can immediately ingest detection rules, alerts, and report templates for the latest attacks witnessed worldwide, such as viral ransomware campaigns, zero-day vulnerability detections, and even Advanced Persistent Threats (APTs). Compared to the days or weeks that it can take for a typical centralized security vendor to deliver time-sensitive detections, the Truss decentralized security network can discover and build protections within minutes.
The following image illustrates how a decentralized security network like Truss allows security researchers and organizations to upload and download security detection rules, alerts, dashboards, and threat mitigations directly to the Truss network—allowing for the rapid transmission of security data.
Figure 1. The Truss Decentralized Security Network
At Truss, we envision a world where a decentralized network of security analysts and vulnerable businesses share, sell, and buy security-related information directly with each other, including Security Information and Event Management (SIEM) policies, queries, alerts, dashboards, and reports, or even Endpoint Detection and Response (EDR) malware and network traffic signatures, alerts, and reports. By leveraging the Truss Security product workflow (see Figure 2), organizations automatically update their SIEM and EDR functionality to detect the latest security events or vulnerability disclosures in real time, allowing organizations to react to the impact of these events and automatically alert the security team and leadership if malicious operations occur.
Figure 2. The Truss Decentralized Security workflow
Truss presents a novel way to deliver, purchase, and retrieve security data to support the detection and prevention of cyber attacks across the globe. Information security practitioners acknowledge that the decentralized nature of cyber attacks presents both a technological and an economic challenge to rapidly responding to these threats. Truss provides an alternative approach to augmenting in-house security tools with actionable security threat data, alerts, and reports by leveraging a decentralized network of security researchers. This allows businesses to focus on the job of growing and innovating, instead of continually worrying about the latest cyber threats facing their business.
Join the decentralized security conversation at Discord