PacketSled Partners with MSSPs to Deliver Threat Hunting-as-a-Service
PacketSled, a network visibility and threat hunting platform provider, now provides hunting-as-a-service, incident response and integrated risk management for MSSPs.
The PacketSled offering enable MSSPs to safeguard organizations against evolving cyber threats, according to a prepared statement.
PacketSled provides risk assessment, breach response and continuous monitoring capabilities for MSSPs, the company said. By doing so, PacketSled allows MSSPs to perform continual risk evaluations to help organizations build mature security programs.
Also, PacketSled empowers MSSPs with network forensics and threat hunting capabilities to create an assessment, continuous monitoring and risk management feedback loop, the company noted. These capabilities ensure MSSPs can protect organizations that have limited network security resources against a wide range of cyber threats.
PacketSled Partners with Demisto
In addition to the launch of its MSSP offering, PacketSled this month announced a partnership with Demisto, an automated incident response and security orchestration platform provider. Now, organizations can use the PacketSled platform for workflow and deep-dive investigations.
The PacketSled-Demisto integration provides organizations with the ability to investigate network traffic based on IP address, host name, traffic type and other simple search strings, according to a prepared statement. It also allows organizations to retrieve extracted files from PacketSled sensors for analysis using Demisto’s orchestration playbooks and run PacketSled’s application programming interface (API) commands to perform interactive investigations in real-time.
PacketSled offers a continuous stream monitoring and retrospection platform that provides network forensics and security analytics, along with real-time and interactive visualization of an organization’s network traffic.
The PacketSled platform monitors servers, desktops, users and applications across internal and external networks, according to the company. It uses threat intelligence attack detection and behavioral analysis to provide network visibility and prioritized actions to help organizations mitigate risk.
Furthermore, the PacketSled platform can offload data into security information and event management (SIEM) tools, orchestration engines and ticketing systems, the company said. It also can be deployed in the cloud, on-premise or as a hybrid version.
PacketSled was founded in 2012 and is spearheaded by CEO John Keister, co-founder of search, marketing and analytics firms Go2Net and Marchex. The company helps security analysts and security operations center (SOC) teams use its deep network context platform to respond to persistent threats, malware, insider attacks and cyber-espionage.