Arbor Networks Buys Security Analytics Startup Packetloop

Arbor Networks said Tuesday that it has acquired Packetloop, a Sydney, Australia-based startup focused on security analytics.

Packetloop’s technology delivers real-time, network-wide situational awareness by leveraging a combination of packet capture, big data analytics, security forensics and visualizations that help enterprises detect malware and targeted attacks.

Packetloop explains that instead of “operating on a copy of a copy of security event information,” its solution “maintains full fidelity minute-by-minute analysis over years and years of network traffic”.

Arbor Networks said that Packetloop’s capabilities complement Arbor’s NetFlow visibility, anomaly detection, application intelligence and identity tracking.

Arbor also said Packetloop’s technology would be integrated into Arbor’s enterprise solution platform this year, using Packetloop’s forensics capabilities as the foundation of Arbor’s next-generation threat monitoring and mitigation platform.

“The Packetloop technology and people are a great addition to the Arbor team. They bring tremendous insight and knowledge in applying security analytics to the advanced threat landscape. They have developed a really innovative and powerful solution that brings context to data, quickly, and in a meaningful way for those who need it,” said Arbor Networks President Colin Doherty.

“Arbor shares our belief that detection is the key, prevention is the goal and it all starts with great visibility. We also believe that data without context is meaningless,” said Packetloop co-founder and Chief Executive Officer Scott Crane.

“Arbor is building a network security and analytics platform that goes far beyond DDoS detection and mitigation,” said John Grady, research manager for Security Products at IDC. “Adding a big data security analytics and forensics platform like Packetloop’s makes sense as they extend into the broader advanced threat market. Arbor now has a unique combination of NetFlow, packet capture and global threat intelligence from their ATLAS infrastructure to address today’s dynamic threats that evade signature-based solutions.”

Packetloop’s solution is currently delivered as a Cloud-based offering that lets customers upload and analyze their own packet captures. Packetloop has an on-premise, real-time network solution in the works that includes prepackaged Virtual Machines and hardware appliances. The on-premise solution will connect the customer to the Cloud for real-time processing. Arbor also plans to integrate the on-premise solution with its enterprise solution platform.

The terms of the deal were not disclosed, though Arbor did say that it plans to invest in and expand Packetloop’s operations in Sydney, Australia.