Sydney startup PacketLoop to challenge SIEM

By

'Like Netwitness in the cloud'.

Three Sydney security engineers have today launched a beta for big data analytics startup PacketLoop.

Sydney startup PacketLoop to challenge SIEM

The network packet capture analytics tool is pitched as a hosted alternative to "waning" Security Incident and Event Management (SIEM) systems, and has gained some 200 registrations.

The company describes the tool as a means to help users "find the needle in the haystack" by analysing "every packet, conversation, protocol and file for threats and deviations from normal traffic" and pumping the data out as slick comprehensive visualisations.

 "We have been referred to as 'Netwitness in the cloud'," chief technology officer Michael Baker told SC.

"[SIEM does not] answer the questions security professionals have when trying to understanding, analyse and investigate threats and breaches. They are exceptionally difficult to integrate and expensive. However I believe the bigger problem is they don't help you explore and explain threat data which is the exact problem we solve."

Baker, a co-founder alongside Scott Crane and Tyson Garrett, says the tools' ability to scale to "massive amounts" makes it suited to large enterprises and government agencies, but he notes a pricing model will be developed suit smaller organisations.

The beta version features a threat module and works with Google Chrome. More browsers and modules will be introduced into the commercial model next month.

Baker says he anticipates SIEM vendors will move to process full packet captures and fix issues of scale as they push into big data.

In a blog, he outlined 10 ways the product differed from SIEM, including a lack of "punishing pie charts", absence of parsing, and the inclusion of full fidelity data.

RSA in a report (pdf) this month had outlined the value of integrating big-data analytics into security operations.

"Within the next two years, we predict big data analytics will disrupt the status quo in most information security product segments, including SIEM; network monitoring; user authentication and authorisation; identity management; fraud detection; and governance, risk and compliance," it states, adding that analytics tools will have "advanced predictive capabilities and automated real-time controls" within three years.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
big datacloud computingloggingsecuritysiemvendors

Sponsored Whitepapers

Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Events

Most Read Articles

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?