Since its commercial launch in 2015, the PacketSled platform was rooted in the Network Forensic and Incident Response space, garnering several awards and mentions for this capability1. In Q1 2019, PacketSled launched an all-new platform combining this forensic capability with artificial intelligence that is purpose-built for false positive alert suppression. We also changed our trade name to MixMode, reflecting our focus on artificial intelligence.
If you are new to the PacketSled platform, or have seen past versions of the platform, here are some highlights of what is new:
1. Third-Wave Artificial Intelligence
MixMode’s artificial intelligence is different. Most security tools leverage first or second wave technology that use a combination of rules & thresholds or static “training” data to make decisions about your data. Only PacketSled’s AI is truly purpose-built to use the context of your own environment to learn what is normal and then only alert you when something changes. The result is you get 90%+ fewer alerts. Guaranteed. Here’s a little more about how third-wave AI is solving the false-positives problem.
2. Intuitive User Interface
The new User Interface (UI) for PacketSled was designed to be intuitive, flexible and suggestive to minimize the need for training and onboarding. It is flexible enough for you to customize your views and work the way you want. Notwithstanding, the UI suggests a defined workflow to help you address security events efficiently and see what matters quickly.
3. New REST API
The PacketSled platform was built from the ground up with an all-new REST API. In fact, our new UI is really just a graphical example of this new API. This quite literally means that if you can do it in the UI, then you can do it with the API. Whether exporting alerts or importing an intel feed, the PacketSled API gives our clients and partners the flexibility they need to integrate PacketSled into their existing security stack.
Whether you are an MSSP managing a portfolio of customers or an enterprise with disparate divisions or subsidiary organizations, multitenancy tenancy allows you to have a single pane of glass view across all of your organizations without the need to co-mingle their data. Flexible and easy to deploy, PacketSled’s multitenancy lets you organize your data the way you want.
5. New Architecture
PacketSled’s new architecture was built to be performative while also supporting the Artificial Intelligence engine, API & Multitenancy functionality. PacketSled customers can store their data for 30, 60 or 90 days. Our new architecture is designed to be sure that you can search across all of your historical data in a fast, stable environment.
False Positives drain enterprise security resources and alert fatigue puts companies at risk of being noncompliant. In fact, 3 in 10 IT professionals admit that they ignore security alerts.
With this new release, the PacketSled platform has pushed back on this growing problem by providing you a focused view of your current security events, the workflow to address them and the context you need to make decisions.
See the PacketSled platform in action – contact us for a brief demonstration.
1) PacketSled Selected as SC Magazine 2018 Trust Award Finalist (1/5/2018) | PacketSled Recognized by SC Media as Finalist for Best Computer Forensic Solution (1/24/2019)
By: Russell Gray, Director of Client Success