We’re Ushering in the Next Era of Network Forensics – Say Hello to ThreatEye

By Randy Caldejon, CTO and co-founder, CounterFlow AI

Today, we introduced our flagship solution, ThreatEye – an open, scalable AIOps platform that brings together machine learning, full packet capture and visualization to identify network faults, anomalies and threats at wire speed. 

Thanks to a great team behind the platform and our deep expertise in applying data science and machine learning to improve the signal-to-noise ratio of network data, we’re ushering in the next era of network forensics. 

The challenges that security analysts have faced for decades with data packet capture and network intelligence have been immense. I examine those in a lot more detail in my recent column at darkreading.com – “AIOps: The State of Full Packet Capture Enters the Age of Practicality.”

As a security analyst in the military, I can remember how cumbersome the packet capture process was and the amount of time it took for us to analyze all recorded data in the network. More often than not, a large swath of that data was not forensically relevant to our investigations. It was extremely challenging.

However, the gradual adoption of AIOps across the enterprise is providing a gateway to apply and innovate with machine learning and data science and put those challenges behind us. Our team has applied our combined expertise to bring innovation to network forensics in the form of ThreatEye. Here’s why it’s different.

The ThreatEye Network Forensics platform incorporates machine learning and artificial intelligence to enable intelligent packet capture, which allows security teams to retain high-fidelity data while reducing extraneous data by up to 80%.

This is significant because legacy solutions supporting bulk packet capture have put the burden on organizations and their security analysts to ingest, analyze and record all the network data. There are substantial data storage requirements associated with this that make the cost of packet capture virtually unaffordable at scale. And that approach often leads to slow and inconclusive findings. How does this help the security analyst and organization at a time when the network environment is becoming even more complex? 

It doesn’t. 

The next era of network forensics is long overdue. But there’s no more waiting.

I welcome you to learn more about ThreatEye, the technology stack we employ to deliver AIOps-driven solutions, and how we help security teams identify anomalous network behavior and performance bottlenecks in a more practical way.

Welcome to AIOps for Network Forensics.