Originally developed for the UK Government back in 2011, Perception is the world’s first bio-inspired network security solution, which will complement Serco’s existing computer network security systems by identifying the potential threats they cannot.
Mark Henshaw, head of information security for Serco Group, explained: “I’m extremely impressed with Perception as it very effectively fills the gap that has developed between traditional network security tools and the expanding threat landscape as we see increasingly sophisticated malware and blended advanced threats.”
Henshaw added: “Perception sold itself as it’s a powerful tool that identifies apparently benign events which could seriously impact Serco. It’s proving to be simple to implement and has demonstrated value in a very short time by identifying malware, policy violation, suspicious data movement, device configuration issues and pointers to areas where awareness training should be increased. Many of the issues identified were subtle in nature and not picked up by our current network security systems.”
Unlike other cyber security solutions, Perception is behavioural with no rigid rules-based architecture. Perception adapts to the network’s changing profile, automatically identifying malicious activity and making it more difficult for malware to evade detection. It will also detect the slow, unauthorised exfiltration of business information even when obfuscation techniques are used to evade traditional rule-based security defences.
Perception runs at high data rates at the core of a network rather than at the perimeter. Targeted, complex logic performs in-depth analysis and classification, avoiding the high false alarm rates usually experienced with anomaly detection systems.
“Serco supported Chemring Technology Solutions during Beta tests of Perception,” concluded Henshaw, “and we were particularly impressed by how different it is from traditional network security systems that rely on pattern matching. Perception collects and analyses information in a different way by looking for the unusual and linking apparently non-threatening network activity to identify hidden malware.”