P
Pavel Minarik
Guest
Product innovation requires a blend of thought leadership, market trends and customer feedback balanced with user experience, scalability and ease of use. At the core of thought leadership is a joint research and development program that brings together product experts and senior architects from Progress and distinguished researchers from leading academic institutions worldwide. Together, this combined team works on Horizon 3 concepts, validating hypotheses and building prototypes and proofs of concept. In this blog, Pavel Minarik, VP of Technology leading the Experimental Development team at Progress, summarizes our current research and development activities.
The joint research and development program involves a disciplined approach to product innovation. It identifies formalized projects that can be executed together with research organizations, where senior researchers augment the Progress team’s work with scientific experience. Project proposals are created and submitted for review and funding by agencies on the national level, such as the Technology Agency of the Czech Republic, in a bilateral international cooperation, or in an international competition of projects funded by the European Commission. The agency funding enables the cooperation between the research organization and the company.
New Projects in the Pipeline
The year 2023 was remarkable for us, both in terms of the number of projects we completed and the new project proposals we submitted for evaluation. In 2024, we have begun two new projects so far, and two other projects are in the evaluation phase with results yet to be published.
A notable activity in 2023 was the completion of the CONCORDIAproject, an H2020 funded pan-European initiative aiming to bring together more than 50 partners across the industry and academia to innovate in the cybersecurity discipline and ecosystem. Our focus was on the analysis of encrypted traffic and automation of threat detection at a scale based on indicators of data ingested from the MISPproject—an open-source threat intelligence-sharing platform. New capabilities developed in this project are now standard features incorporated into our FlowmonNPMD and NDR platform. Thanks to the research and development, we were one of the first vendors to introduce monitoring of the emerging QUIC protocol, which is becoming a new standard for accessing web-based content. Our primary research partner in this project was Masaryk University in Brno.
Together with CESNET,we have completed a project, FlowTest, focused on enabling simulation of complex network traffic patterns gathered in an anonymous manner in a customer environment. This unique ability allows us to perform advanced performance and compatibility testing of network sensors in a lab environment that realistically emulates the real production environment. Results of the project include the ability to create network profiles, generate network traffic of required characteristics and throughput and orchestrate the entire process.
A Focus on Security
The ability to analyze encrypted traffic while maintaining privacy and integrity is essential to keep up with recent attacks and threats. Contextual analysis that can connect the dots between different network sessions, extract common properties and classify individual network sessions regardless of the encryption, enables one to more easily identify threats that are currently hidden due to encryption. At the same time, they provide network administrators additional information to create an overall picture of the state of the network, services or applications used. In the ETA project we worked together with Brno University of Technology to build new threat detection methods based on this technology. First results are already available in Progress Flowmon ADS—the ability to identify DNS over HTTPS despite encryption and additional methods are undergoing lab testing before becoming available to customers.
Within the scope of the SECURIAN project, we are developing new capabilities to automate threat hunting, security investigations and root cause analysis. We are effectively building an experienced AI-powered cyber analyst that will provide required knowledge and guidance to simplify the data analysis process. With a set of extensible and customizable playbooks and recommendations for next steps in the analysis process, we will help to streamline cybersecurity analysts' workflows and reduce the required skills gap. Our research partner is Masaryk University, and the project timeframe is 2023–2025.
In collaboration with our partners, National Taiwan University of Science and Technology, National Institute of Cyber Security in Taiwan and Brno University of Technology, we recently submitted a proposal for a project called, “Privacy-Respecting Explainable Assessment and Collection of Threats” into the international TACR DELTA 2 program. The proposal was accepted, and the project officially starts in January 2024. The focus of this two-year project is collaborative threat detection and threat intelligence processing using AI.
Streamlining Network Operations
In January 2024, we also started a project titled, “Combined Passive and Active Network Monitoring,” in collaboration with our partner, Brno University of Technology. This project is focused on combining synthetic monitoring of cloud applications with network telemetry obtained from passive sensors, such as routers, switches or Flowmon Probes. The goal is to simplify and streamline network operations through timely detection of potential issues, identification of the root cause and rapid response. The project timeline is two and a half years and should be completed in June 2026.
We are open to partnering with research organizations and universities across the globe to collaborate on joint projects, fill interim positions with undergraduate students and explore advanced topics for post-graduate study.
Continue reading...
The joint research and development program involves a disciplined approach to product innovation. It identifies formalized projects that can be executed together with research organizations, where senior researchers augment the Progress team’s work with scientific experience. Project proposals are created and submitted for review and funding by agencies on the national level, such as the Technology Agency of the Czech Republic, in a bilateral international cooperation, or in an international competition of projects funded by the European Commission. The agency funding enables the cooperation between the research organization and the company.
New Projects in the Pipeline
The year 2023 was remarkable for us, both in terms of the number of projects we completed and the new project proposals we submitted for evaluation. In 2024, we have begun two new projects so far, and two other projects are in the evaluation phase with results yet to be published.
A notable activity in 2023 was the completion of the CONCORDIAproject, an H2020 funded pan-European initiative aiming to bring together more than 50 partners across the industry and academia to innovate in the cybersecurity discipline and ecosystem. Our focus was on the analysis of encrypted traffic and automation of threat detection at a scale based on indicators of data ingested from the MISPproject—an open-source threat intelligence-sharing platform. New capabilities developed in this project are now standard features incorporated into our FlowmonNPMD and NDR platform. Thanks to the research and development, we were one of the first vendors to introduce monitoring of the emerging QUIC protocol, which is becoming a new standard for accessing web-based content. Our primary research partner in this project was Masaryk University in Brno.
Together with CESNET,we have completed a project, FlowTest, focused on enabling simulation of complex network traffic patterns gathered in an anonymous manner in a customer environment. This unique ability allows us to perform advanced performance and compatibility testing of network sensors in a lab environment that realistically emulates the real production environment. Results of the project include the ability to create network profiles, generate network traffic of required characteristics and throughput and orchestrate the entire process.
A Focus on Security
The ability to analyze encrypted traffic while maintaining privacy and integrity is essential to keep up with recent attacks and threats. Contextual analysis that can connect the dots between different network sessions, extract common properties and classify individual network sessions regardless of the encryption, enables one to more easily identify threats that are currently hidden due to encryption. At the same time, they provide network administrators additional information to create an overall picture of the state of the network, services or applications used. In the ETA project we worked together with Brno University of Technology to build new threat detection methods based on this technology. First results are already available in Progress Flowmon ADS—the ability to identify DNS over HTTPS despite encryption and additional methods are undergoing lab testing before becoming available to customers.
Within the scope of the SECURIAN project, we are developing new capabilities to automate threat hunting, security investigations and root cause analysis. We are effectively building an experienced AI-powered cyber analyst that will provide required knowledge and guidance to simplify the data analysis process. With a set of extensible and customizable playbooks and recommendations for next steps in the analysis process, we will help to streamline cybersecurity analysts' workflows and reduce the required skills gap. Our research partner is Masaryk University, and the project timeframe is 2023–2025.
In collaboration with our partners, National Taiwan University of Science and Technology, National Institute of Cyber Security in Taiwan and Brno University of Technology, we recently submitted a proposal for a project called, “Privacy-Respecting Explainable Assessment and Collection of Threats” into the international TACR DELTA 2 program. The proposal was accepted, and the project officially starts in January 2024. The focus of this two-year project is collaborative threat detection and threat intelligence processing using AI.
Streamlining Network Operations
In January 2024, we also started a project titled, “Combined Passive and Active Network Monitoring,” in collaboration with our partner, Brno University of Technology. This project is focused on combining synthetic monitoring of cloud applications with network telemetry obtained from passive sensors, such as routers, switches or Flowmon Probes. The goal is to simplify and streamline network operations through timely detection of potential issues, identification of the root cause and rapid response. The project timeline is two and a half years and should be completed in June 2026.
We are open to partnering with research organizations and universities across the globe to collaborate on joint projects, fill interim positions with undergraduate students and explore advanced topics for post-graduate study.
Continue reading...