kflow empowers security teams to access new class of security data
Tarsal, the security data movement company, launched kflow, an open-source project based on the extended Berkeley Packet Filter (eBPF). kflow creates a new classification of security data, bridging the gap between network traffic and encrypted data, providing a real-time stream of Linux kernel activity.
eBPF is a kernel-level technology for monitoring and manipulation on Linux operating systems, expanding the operating system’s abilities by tapping into the kernel without harming the active operating system. With kflow, security teams can broaden the range of data types that can be ingested and collected beyond just network data. The technology enhances organizations’ ability to collect, process and analyze security data in real time, ensuring a higher level of system integrity and threat responsiveness without proprietary endpoint agents and SIEMs.
kflow is spearheaded by Tarsal’s new CTO, Barrett Lyon, who joined Tarsal alongside the close of the company’s $6M in seed funding last month. The technology behind kflow has been in development for more than four years and is the result of the minds at the think tank Mango Slushy.
“With the introduction of kflow, we’re not just launching an open-source project; we’re creating a new classification of security data that will enable teams to treat security problems as data problems enabling teams to detect malicious behavior before it happens,” said Barrett Lyon, CTO at Tarsal. “Our goal is to foster community and empower organizations to harness the full potential of their security data, enabling proactive defense mechanisms and smarter decision-making. kflow brings a whole new method of security research to the industry, and with this new method, kflow can change the future of security.”
A Leap Forward in Security Data Management
kflow creates a new type of streaming security data to capture a wide array of system and network events, offering visibility into organizations’ pre-encrypted workloads. It can be used in a wide range of applications from malware detection to tracing data movement. Its open-source collaboration fosters innovation and rapid adoption in security data management technologies from the global community. It has zero-trust data streaming, ensuring data integrity and security by adhering to a zero-trust approach in data movement from endpoints to collectors, making it easier for users to catch ransomware and other cybersecurity threats.
“At Tarsal, we want to empower people to get the data they need, where they need it. The launch of kflow allows users to peruse as much data as they want, at n******,” said Sunny Rekhi, CEO and co-founder at Tarsal. “More security data means better security detection and tools for teams, bringing us one step closer to making data analytics more affordable and comprehensive for security teams.”
Tarsal’s innovative one-click ETL platform enables analysts and engineers to seamlessly ingest, normalize and analyze data in the platform of their choice, including major data warehouses, SIEMs and XDRs. Tarsal solves the complexities of managing multiple data sources and destinations via efficient data movement and high-quality data delivered from any source to any destination.