Listen to the full podcast segment on ”Mon Carnet” by Bruno Guglielminetti
Émilie Delvoye, Director of Communications at Prompt, meets Karim Ganame, President and Head of Cybersecurity at StreamScan. He also holds a PhD in cybersecurity and is a professor at Polytechnique. StreamScan specializes in operational cybersecurity and helps organizations of all sizes protect themselves against cyber threats and minimize their disastrous consequences.
They present two technologies designed to detect and block cyber threats.
Check out key excerpts from the interview.
Can you explain how these technologies work?
We come from the world of incident response. When we started out, we were directly in the field, helping companies manage cyberattacks, particularly ransomware cases. This front-line experience allowed us to see the limitations of existing tools. It was this realization that prompted us to develop our own technologies.
Today, our vision of effective cybersecurity is based on a defense-in-depth strategy. The idea is simple: to properly protect a network, you need to secure both its perimeter—the entry point—and each of the devices within it.
The first technology we developed is called CDS – Cyber Threat Detection System. It acts as a surveillance system at the network entrance, much like a camera at the door of a house. It analyzes all incoming and outgoing communications using signature patterns, but also artificial intelligence, to detect suspicious behavior or anomalies characteristic of a cyberattack. When a threat is spotted, the communications get blocked before they cause any damage.
This technology has been recognized as an innovation by the Canadian federal government, which has enabled us to sign two major contracts: one with the Department of National Defense, and the other with the Communications Security Establishment Canada.
The second technology arose from a need that became apparent during the pandemic. The widespread shift to remote working rendered several internal security measures obsolete. A solution was therefore needed that could protect home computers as if they were still part of the company network.
That’s how we developed our EDR – Endpoint Detection and Response. It’s a next-generation antivirus that doesn’t just scan files: it also monitors active processes on the machine, network connections, and other telemetry data. The goal is to detect any abnormal behavior.
For example, if a computer starts scanning other machines on the network, this is a clear sign of a potential attack. And believe me, after handling numerous incidents, this type of behavior is almost always a sign of a serious problem. Our EDR detects this type of activity and stops it immediately, before it spreads.
So you mentioned the government earlier, in relation to everything that’s happening right now, and the geopolitical landscape that is changing very, very quickly. How can solutions like yours, which are developed in Quebec, be useful in terms of defense?
We have been active in the defense sector for several years. For the record, a few years ago, we secured a contract with the Royal Canadian Air Force to develop artificial intelligence-based technology capable of detecting cyberattacks targeting fighter jets. This experience has enabled us to build cutting-edge expertise in this highly strategic sector.
Through our work in this field, we have acquired in-depth knowledge of the applications commonly used in the defense ecosystem—whether within ministries such as the US Department of Defense or the Canadian Department of National Defense, or throughout their supply chains. In reality, a large part of the risk comes from suppliers. When a supplier is compromised, it can lead to delays or even major disruptions throughout the supply chain. That’s why we’ve set up a dedicated testing environment that allows us to analyze the applications used in this sector and develop AI-based detection models specifically trained to recognize threats specific to these environments. Our technology is able not only to detect traditional cyberattacks, but also highly targeted attacks, often sponsored by state actors, whose goal is to disrupt operations or compromise the defense supply chain of Canada, the United States, or more broadly, their allies.
[…]
And as part of your research, do you also work with academia, with partners?
Absolutely, collaboration with academia is very important for a company that is active in the field of innovation, as it gives you access to university researchers who have already developed certain areas of expertise. Working and collaborating with them saves time, allows you to benefit from their expertise, and enables you to get to market faster with technologies that work.
StreamScan is one of the local organizations listed in a cybersecurity map created by Prompt, which is available on our website. We invite you to download it to protect your activities from cyber threats with local solutions.
