In August of this year, BSM posted an article outlining a conversation we had with Saumitra Das, CTO at Blue Hexagon. This piece, entitled “When You Live and Die by the 1-Second Rule,” examined an announcement from Blue Hexagon that introduced an industry-first ability to detect and stop, in real time, threats hidden within encrypted SSL traffic.
We reported that “With the introduction of this feature, Blue Hexagon becomes the first security vendor to offer a consistent deep learning-based threat detection platform for on-premises and cloud, to detect threats in all traffic including encrypted web and network communications. More importantly, the ability to inspect threats in less than a second at greater than 99.5% efficacy enables security teams to keep pace with the onslaught of attacks.”
Today it was announced that Blue Hexagon earned a perfect score in independent testing conducted by PCSL IT Consulting Institute. The Blue Hexagon deep learning-powered network threat protection platform was tested against one of the largest corpora of malware across a wide variety of threat families (including a comprehensive volume of zero-days from global threat campaigns) and a large set of benign files and applications.
PCSL defined an AI testing framework to evaluate Blue Hexagon against three key network threat detection metrics:
- Threat detection efficacy: detection rates across a wide range of threat categories, and threat samples in various file types and sizes, ensuring detection encompasses the varied sophistication of threats launched by attackers today.
- False-positive rate: the accuracy of threat detection is critical as false positives can have a significant impact on security operations and manpower, distracting companies from dealing with legitimate security alerts.
- Threat detection speed: network threat detection speed, including network processing and AI inference times, is important to ensure that products can keep up with the speed of compromise challenging the industry today.
More than 40,000 threat samples from PE and document (MS Office, RTF, and PDF) formats were tested. Additionally, more than 2,000,000 benign files were included in the test repository to evaluate Blue Hexagon’s false-positive rates.
Blue Hexagon scored 100% detection efficacy, 0% false-positive rate, and 125 millisecond average detection time.
The testing framework was specifically designed to incorporate threats in executables, MS Office documents, and PDFs across a wide variety of threat categories, including financial malware, cryptominers, ransomware, trojans/spyware, and more. The test also included a large volume of benign consumer applications, enterprise applications, OEM files and more, to test Blue Hexagon’s false-positive rates.
About this test, Jeffrey Wu, CEO, PCSL IT Consulting Institute, said, “We believe we’ve developed a very robust AI testing framework that validates security vendors against metrics that are critical to CISOs. Our core methodology measures threat detection efficacy, false positives, and threat detection speed. Blue Hexagon has taken an extremely ambitious approach to tackling network threats using deep learning. They have demonstrated a perfect score of efficacy, while having zero false-positive alerts, against our comprehensive testing framework, supporting their claim as one of the most accurate network threat protection products in the industry today. Their AI-based platform showcases the speed of detection possible from non-signature and non-sandbox-based detection.”
“We started Blue Hexagon to address the fundamental problem of perimeter threat detection by harnessing the power of deep learning technology. Our results with customers had exceeded our expectations, and now PCSL has independently verified our claims of network threat detection efficacy, low false alerts, and exceptionally fast network threat detection times,” said Nayeem Islam, co-founder and CEO, Blue Hexagon.
For more information on the tests please download the PCSL Report here.