Perch Security - Short Review




Product Overview

Perch Security offers a comprehensive, co-managed threat detection and response platform designed to protect networks of all sizes, from small and medium-sized businesses (SMBs) to large enterprises and managed service providers.



Key Functionality



Threat Detection and Response

  • Threat Detection and Response: Perch Security’s platform is backed by an in-house Security Operations Center (SOC) that operates 24/7. The system detects known and potential threats on your network and hosts, with certified analysts monitoring alerts continuously to triage and escalate real threats as needed.


Automation and Integration

  • Automated Threat Intelligence: Perch automates the consumption and analysis of threat intelligence from various sources, including industry-specific sharing communities like ISACs and ISAOs. This automation ensures that threat intelligence is effectively utilized without manual intervention, improving the organization's overall security posture.
  • Multi-Source Threat Intel: The platform supports any threat intelligence feed chosen by the user, providing a vendor-agnostic approach. This allows for a more comprehensive view of potential threats by aggregating intelligence from multiple sources.


Log Management and Compliance

  • Log Storage and Correlation: Perch offers log storage with configurable retention, enabling users to correlate network and log data through a single interface. This feature is crucial for compliance and deeper investigation into security events.


Visibility and Analytics

  • Full Network Visibility: The platform passively collects network data, providing access to netflow and other protocol metadata. This ensures complete visibility into network activities, helping in the detection and analysis of threats.
  • Microsoft 365 Integration: Perch integrates seamlessly with Microsoft 365, parsing and analyzing every event, audit log, and security log generated. This integration allows for a holistic view of security events across the organization, including logs from host machines, network devices, and firewalls.


User Interface and Customization

  • Centralized Web Application: Users can access and interact with their threat intelligence program through a robust yet intuitive web application. This interface allows for customizable visualizations, reporting, and alerting based on specific security issues or events.
  • Customizable Alerts and Reports: Perch enables users to create custom alerts and reports based on querying log data. This includes scheduled searching, throttling, and trigger mechanisms, making it easier to solve security-related problems.


Human and Machine Collaboration

  • Human-Led and Machine-Driven: The platform combines the expertise of human analysts with the efficiency of automated systems. This hybrid approach enhances the effectiveness of threat detection and response, allowing users to leverage both human talent and technological investments.


Deployment and Scalability

  • Flexible Deployment Options: Perch offers various sensor options to fit different business needs, from small branches to mid-size datacenters. These sensors can be easily set up and integrated into existing security stacks without downtime.

In summary, Perch Security’s Managed Threat Detection and Response Platform is a versatile and powerful solution that automates threat intelligence, provides comprehensive log management, and offers 24/7 SOC support. Its ability to integrate with multiple sources, including Microsoft 365, and its customizable analytics and reporting features make it an ideal choice for organizations seeking robust cybersecurity protection.
