New sensor technology that reduces the gap between detection and response highlights the changes in PacketSled’s enhanced platform.
San Diego-based PacketSled, a startup that makes a network visibility solution designed for incident responders, has announced the release of the newest version of its platform. While PacketSled is among the increasing number of companies that no longer badge a new release with a number stamp, in terms of the maturity of the product, this would be about Version 3.0.
“We have 22 paying customers and have been shipping product for about a year and a half,” said Fred Wilmot, PacketSled’s CTO and Interim CEO. “I think we are unique in what we bring to the market. We are the incident responders’ tool of choice to get the initial assessment and visibility to understand the scope of what they are dealing with. The proof is in the pudding, as organizations like Cylance, Carbon Black, and Optiv use us.”
The PacketSled platform uses deep packet inspection, protocol dissection, ensemble detection methods, and behavioral analysis, along with a visualization engine that provides first responders with intuitive and efficient network visibility.
“We offer a one stop shop to get visibility,” Wilmot said.
For PacketSled, the new release presents an opportunity to get back on offense in the marketplace. In November, they were placed on defense after founder and then-CEO Matt Harrigan reacted to the election results by taking to Facebook and threatening to assassinate the President-Elect. That incident got wide and unwanted publicity, and made it impossible for Harrigan to remain with the firm. Wilmot, who is best known for his time at Splunk, had been recruited by Harrigan last year to the Chief Technology Officer position, and added the interim CEO position to his letterhead at that point.
“I come from a very different background from the previous CEO,” Wilmot said. “Afterwards, we sat down and called every single partner and every single customer. We didn’t lose one customer, and we didn’t lose one partner.”
While Harrigan was the founder and a highly technical guy, Wilmot said that they haven’t missed a beat from a design perspective since his exit.
“Matt brought me here to build the platform,” Wilmot said. “I built the first enterprise security platform at Splunk. We made a departure from the original methodology when I came, and that new vision remains intact. I’m super proud of the amazing engineering team I have.”
The new version of the platform features new sensor technology that can be installed in minutes. It makes shipping appliances to engagements redundant, and greatly reduces the time between compromise detection and response.
“I consider the new sensor management framework to be the crown jewel of this particular release,” Wilmot said. The framework also allows responders to add custom intelligence feeds, including STIX objects for known campaign activity.
“We have also added the ability to enrich data with additional threat intelligence – a lot more detection, a lot more protocol analyzers, the addition of analytics, and additional rules logic to deal with new types of attacks,” Wilmot added. “We also have a stronger, more robust Cloud scale capacity, which is important for the Internet of Things.”
PacketSled has built a small channel that has become significant to its business.
“We’ve been in the channel now for 9-12 months,” Wilmot noted. “We are a pretty small company, and have a dozen plus partners, but they are of very high quality. 75 per cent of our business last year came from the channel, across multiple verticals.
“The interesting thing about our partners is the rate of adoption, which is the most significant piece, and the ferventness of their support, both among solution providers and MSSPs,” Wilmot added. “We want to help these experts continue to be experts, and with our platform, they can drive additional risk management and mitigation strategies.”