CARRIER-GRADE PACKET CAPTURE AND NETWORK EVENT LOGGING FOR SOC AND NOC TEAMS AND SERVICE PROVIDERS
Packet Continuum is a powerful software architecture for 24/7 continuous network capture/monitoring operations, targeting Managed Security Service Providers (MSSP), Enterprise Security Operations Center (SOC) teams, and Network/IT Operations teams. NextComputing offers a flexible business model for financial, technical and logistic support services. Core functions include:
- Advanced policy-driven threat-hunting
- Real-time alerting/detection of Indicators of Compromise (standards-based)
- Fast search of lossless packet capture history, and correlation with events
Packet Continuum targets SOC and IT Operations within Service Providers and End User Enterprises. Use cases include:
- Threat-Hunting and IoC Audit/Assessment
- SOC team Incident Response
- Network IT/Operations packet-based QoS troubleshooting
NextComputing’s Packet Continuum is a new “Packet Capture” Paradigm
Packet Continuum deploys on a wide range of common rackmount and desktop hardware platforms, from cost-effective sensor/recorders to enterprise-class servers (see Platforms Table on last page). It is uniquely cost-effective when deployed at scale. Examples of how Packet Continuum can scale include:
- Numerous distributed sensor/recorders within a highly-scalable “Federated” network architecture, for close coordination with a central Security / Network Operations Center.
- Long capture timelines for days, weeks, or months of lossless packet capture data history, when quick-response search is required. Added timeline features include in-line data compression and policy-driven data retention.
- High-rate capture points (e.g., 40Gbps, 100Gbps, and beyond) where a full feature set of real-time analytics functions must run at line rate with deterministic performance: continuous lossless full packet capture (PCAP), real-time IDS alerting and other user-defined Policy Management, with simultaneous search/recall for Incident Response.
Packet Continuum is disrupting the market with open data access, smooth scale, and long timelines – at very low cost.
Cyber theft is the fastest growing crime in the United States. The cybersecurity community and major media have largely concurred on the prediction that cyber crime damages will cost the world $6 trillion annually by 2021. Cybersecurity spending is expected to exceed $1 trillion by 2021.
Global ransomware damage costs are predicted to exceed $5 billion by the end of 2017, a 15X increase in the past two years. Healthcare organizations are the No. 1 cyber-attacked industry with ransomware attacks expected to quadruple by 2020. This translates to human attacks reaching 4 billion people by 2020. As the world goes digital, humans have moved ahead of machines as the top target for cyber criminals. Microsoft estimates that by 2020, 4 billion people will be online—twice the number that are online now. Today’s hackers smell blood, not silicon.
Cyber crime will more than triple the number of unfilled cybersecurity jobs, estimated to reach 3.5 million by 2021. Every IT worker, every technology worker, must be involved with protecting and defending applications, data, devices, infrastructure and people. There is a massive cybersecurity workforce shortage, resulting in an unemployment rate of zero within the industry.
More than a quarter of data breach incidents in 2016 took at least one month for companies to discover, and 1 in 10 went unnoticed for at least a year. These results are compiled from the latest report on data breaches from Verizon’s security research division, which analyzed 1,935 breach incidents reported by 65 organizations. According to the report, nearly two-thirds of the breaches that were discovered in days or less were associated with incidents that are easy to catch, like physical theft or administrative accidents. Breaches that took months or longer to detect largely fell into categories like “cyber-espionage,” “point-of-sale intrusions,” and “privilege misuse.”
Why the big increases in the share of incidents discovered at both the long and the short end of the timescale? The fact is that most tools from major industry players are expensive and offered as proprietary, single-purpose, or incomplete security solutions. They do not integrate with other cybersecurity tools effectively enough to form a complete security solution. Many of these tools are also very complex and labor-intensive to use. They often lack true lossless forensic recovery and analysis capabilities in the event of a breach.