Summary
The Information Security Team of a Defense Contractor with a nationwide and worldwide presence selected PacketSled as a core tool to increase visibility and significantly improve the IT security defenses that safeguard its networks and development environments.
Challenge
The company values cybersecurity solutions that provide constant monitoring against new security vulnerabilities and exploitation techniques. Constant vigilance in these environments and a solution that could demonstrate immediate value to the company were vital.
IT Security Team Goals:
- Continuously monitor, investigate, and react to security events in real time
- Identify advanced nation-state malware, phishing, and network attacks in multiple geographic locations
- Combine full packet capture with threat intelligence across diverse environments without a substantial investment in new infrastructure or a large learning curve.
PacketSled’s Solution
PacketSled was able to provide a solution that met the company’s goals. The company’s IT Security Manager characterized the PacketSled solution as essential, especially when high-risk threats are imminent and time is of the essence.
“It was a snap to deploy PacketSled within our environment and we quickly realized its value. PacketSled provides robust network traffic context combined with an intuitive interface and fast search/pivot capability, all without the overhead and high cost of classic full packet capture solutions.”
With PacketSled, the company’s Security team:
- Uncovered hidden attack signals.
- Improved network context to the threat hunting and anomaly detection processes.
- Utilized interactive visualizations and pivoting capabilities to provide meaningful situational awareness during incident response.
- Improved east/west network traffic visibility and security monitoring on internal segments.
- Quickly retrieved historical network data during incident response exercises.
- Automatically checked traffic against built-in, open source, and custom detection signatures.
The company’s IT Security Manager shared the impact of PacketSled on their Security Operations: “PacketSled’s unique approach to network security and visibility empowered us to improve our incident response times, threat identification capabilities, and network traffic understanding.”
“We are privileged to collaborate with top operational teams, mature in their approach and capability model. This collaboration is critical for a unified mission, protecting the defense industrial base, public and private sector,” said Fred Wilmot, CEO at PacketSled.