Damballa’s Threat Discovery Center (TDC) has unmatched data visibility into the world’s Internet activity.

Every day our Threat Discovery Center monitors:

  • Nearly 15% of the world’s unfiltered, unbiased Internet activity
  • More than 1/2 billion devices
  • The network communications of over 100,000 malware samples

This data flows into our Machine Learning Systems, which continuously produce innovations for our enterprise and ISP advanced threat protection products.

Big Data and Applied Machine Learning

Big data means nothing unless you can extract meaning. Damballa’s engineers harvest more than 25 billion Internet records daily into Hadoop clusters for analysis. Our data scientists and threat researchers identify features within the data that distinguish benign from malicious communications.

Next, they create machine-learning algorithms to analyze those features and find statistical representations of malicious activity. The result of this analysis is machine-learning systems, which produce behavioral models, or classifiers. These classifiers are delivered into our advanced threat protection products.

Live customer traffic monitored by the Damballa advanced threat detection products flows past the classifiers. If the match between the live traffic and the classifiers reaches a statistical threshold of certainty of infection, we produce evidence of compromise by one or more cyber threats.

Data Scientists

Damballa was founded in 2006 by data scientists from the Georgia Institute of Technology. Today, Damballa’s Scientific Research team is at the forefront of applying data science and machine learning to identify emerging cyber threats on networks. Their innovations have produced multiple patents and pending patents.

The team’s research is widely published in top academic and industry conferences around the world. Individual team members hold multiple degrees, including Ph.D.s in Computer Science and B.A., M.S. and J.D. degrees in Computer Science, Engineering and related fields. Languages include Pashto, Urdu, Arabic, Chinese and Greek.

Threat Researchers

Damballa’s Threat Research organization consists of experts from a variety of industries and government organizations. The team’s backgrounds include a mix of threat intelligence and support for Law Enforcement, Counter Intelligence, Intelligence, military and commercial CERT/SOCs, Incident Response and network monitoring on a global scale.

Team members have expertise in investigating and tracking APT (advanced persistent threat), financial, PoS, hacktivist, spam botnet and traditional botnet threats. Languages include French, Arabic, Chinese and Russian.

We protect the world’s largest enterprises, ISPs and mobile carriers across 5 continents
We analyze nearly 15% of the world's Internet activity and monitor over ½ billion devices.
Of devices that Damballa says are communicating with criminals actually are.