IDMEF Partner Program

Following the French administration's adoption of the IDMEF and IODEF formats within the General Interoperability Repository, CS announces the launch of its new “IDMEF Partner Program” to promote interoperability in cybersecurity and thus meet the new challenges facing operators of vital importance (OIV).

Since 2014, CS has been managing the SECEF (Security Exchange Format) project, in partnership with Télécom Sud Paris and Centrale Supélec, under the direction of the DGA Maitrise de l’Information and in collaboration with the COSSI (Centre Opérationnel de la Sécurité des Systèmes d’Information) of ANSSI. This project aims to promote and improve the 2 existing standards (IDMEF, Intrusion Detection Message Exchange Format, and IODEF, Incident Object Description Exchange Format) to facilitate exchanges in cyber detection.

At SECEF DAY 16, 4 partners, already covering several complementary aspects of cybersecurity, attended to present their solutions and demonstrate their interoperability with Prelude SIEM through the IDMEF format:

  • High performance NIDS: Stamus Networks. Stamus Networks is a vendor of high-performance network intrusion detection probes offering protocol data extraction capabilities as well as centralized administration.
  • Global SSO: ILEX – Sign&go. The Sign&go solution is modular and offers enhanced authentication, Web Access Management, Mobile Access Management, identity federation and eSSO (“Enterprise Single Sign-On”) features. This is the first Global SSO product.
  • Anti-DDoS: 6cure Threat Protection. The 6cure TP solution eliminates malicious traffic to critical services in real time with a simple philosophy: preserving the integrity and performance of legitimate flows.
  • Anti-virus: Teclib’ – Armadito. Armadito is a brand new modular and multi-platform open source antivirus project (Linux and Windows), which provides signature detection and heuristic analysis modules. A centralized administration solution based on GLPI is under development.

Three new partners have already announced their willingness to join the program:

  • Darktrace, world leader in “Enterprise Immune System” technology, based on self-learning and Bayesian mathematics,
  • Quarkslab and their IRMA (Incident Response & Malware Analysis) malware detection and analysis solution,
  • Sentryo, publisher of an industrial Internet monitoring platform.

For more information and to participate in this program, please contact the Prelude team.