Press Enter to search or Esc to close

← Back to Threat Intelligence

PacketViper Launches Version 6.0 — One Platform. Every Angle. No Compromise.

FOR IMMEDIATE RELEASE

PITTSBURGH, PA — March 24, 2026

PacketViper Launches Version 6.0 — One Platform. Every Angle. No Compromise.

PacketViper today announced the general availability of PacketViper 6.0 — the most complete, highest-performing release in the company’s history and a fundamental rethinking of what a unified cyber defense platform can do.

Version 6.0 does not add features. It raises the ceiling. In production testing, the platform processed over 300 million fully enriched security events per hour — every one of them geo-classified, rule-evaluated, and written to a self-contained analytics engine in real time. It tracked over 2 million concurrent sessions simultaneously. It did all of this on commodity server hardware that costs a fraction of what legacy security appliance vendors charge for comparable throughput.

The security industry has spent years telling organizations to buy more tools. PacketViper 6.0 is the answer to that approach — and it runs in a single box.

Built Different. Performs Different.

The engine behind PacketViper 6.0 is a completely redesigned Adaptive Control Engine (ACE), paired with the new Mirror Traffic Adaptive Controller (MTAC). Together, they deliver something that has not existed before in a software-based security platform: wire-speed enforcement, deep inspection, real-time analytics, and adaptive load management — all in one pipeline, with no performance tradeoffs between them.

The numbers back it up:

  • Over 300 million fully contextualized security events processed per hour in production validation. Every event carries complete geo-IP attribution, rule evaluation, and behavioral context — not sampled, not summarized. Every one.
  • Over 2 million concurrent sessions tracked simultaneously under peak load, with full security context maintained throughout.
  • Wire-speed forwarding for established sessions, with deep inspection applied to new connections — without degrading throughput.
  • Adaptive surge management sustains enforcement continuity under traffic spikes that would bring other platforms to their knees.

No purpose-built ASIC. No $200,000 chassis. Commodity hardware.

The Enforcement Path, Reinvented

The most significant engineering advance in Version 6.0 is one that users will never see — because it happens in microseconds, before a packet reaches anything it was not supposed to reach.

PacketViper 6.0 removes database dependency from the enforcement hot path entirely. Every enrichment operation — geo-IP classification, rule matching, sensor correlation — now executes in memory. Zero database hits in the critical path. The result is an enforcement engine that does not slow down as traffic volumes climb.

  • Hot-path database operations per packet: reduced from 6 to 2.
  • Analytics storage: a high-throughput batched ingestion pipeline handles hundreds of millions of events per hour without touching the enforcement path.
  • Query performance over 170 billion stored events: aggregate counts in under 100 milliseconds. Country-level traffic analysis in under 3 seconds. Dashboard widgets in under 50 milliseconds.
  • Full interactive dashboards load in 2-5 seconds under sustained load — compared to 8-15 seconds per widget in the prior architecture. Queries that used to time out now return in under 150 milliseconds.

This is not incremental optimization. It is a different class of platform.

Moving Target Defense — Fully Autonomous

Attackers depend on one thing above all else: a target that holds still.

PacketViper 6.0 takes that away completely. The redesigned Deception Strategy Manager introduces strategy-level auto-rotation across the full Automated Moving Target Defense framework — continuously and autonomously shifting deceptive surfaces, rotating decoy behaviors, and invalidating reconnaissance data before it can be used.

Hundreds of simultaneously active decoy profiles. Auto-rotation running around the clock without human intervention. An attack surface that looks different every time an attacker checks.

In a recent engagement, a leading cybersecurity firm’s red team — with full knowledge of the deployment and unlimited time — exhausted their entire assigned IP space without reaching a single real asset. The moving target had already won before the attack began.

Analytics Without Limits — or Cloud Dependency

The AlertBox Intelligence Layer has been rebuilt from the ground up as a high-performance, fully self-contained analytics engine. Air-gapped environments, classified networks, disconnected industrial sites — all of them now get the same real-time visibility and compliance-grade reporting as cloud-connected deployments.

This is not a lite version. It is the full platform.

170 billion events stored and queryable. Sub-100 millisecond aggregate queries. Real-time dashboards. Compliance reports. All on-premises. All under your control.

For organizations in regulated, classified, or connectivity-constrained environments, this changes everything.

One Console. Every Site.

PacketViper 6.0 introduces Enterprise Federation — centralized command of distributed deployments across every site in the organization, from a single control point.

Every node. Every policy. Every event. Unified. Coordinated AMTD strategies across the entire federated environment. Real-time telemetry from a remote pump station 500 miles away, visible in the same dashboard as the data center. Deception assets orchestrated at scale without manual configuration at each site.

For multi-site enterprise and critical infrastructure operators, this is the management architecture they have been asking for.

Compliance That Proves Itself

The expanded Security Hardening and Compliance Suite maps platform capabilities directly to NIST, ISO 27001, IEC 62443, CIS Controls, and NERC CIP — and the integrated Security Posture dashboard turns that mapping into audit-ready evidence.

No more manual control documentation. No more gap analysis spreadsheets. The platform shows you where you stand, what it covers, and what you can show an auditor.

OT Security That Does Not Touch OT

PacketViper 6.0 sets a new standard for operational technology security — and does it without installing a single agent on a single device.

The platform sits inline as a transparent bridge. It watches every packet. It builds a complete asset inventory from observed traffic, passively, without active scanning and without any risk of disrupting production equipment. It models which assets communicate normally and enforces inline when anything deviates from that baseline.

Virtual Agent protection enforces CVE-specific compensating controls per asset, per firmware version — dynamically updated as devices change. Trust relationship enforcement catches unauthorized lateral movement between OT assets automatically, including the connections that have no business existing and no one has ever looked for.

Across critical infrastructure deployments, PacketViper 6.0 has discovered thousands of OT assets that operators did not know existed — with zero scanning, zero disruption, and zero changes to existing equipment.

Protocol support: Modbus, DNP3, BACnet, EtherNet/IP, S7COMM, NTCIP.

And when an attacker physically breaches a remote field cabinet and plugs directly into the network — bypassing every cloud-connected detection platform in the stack — the Remote Security Unit keeps enforcing. Autonomously. On the last known policy. No connectivity required. No gap. No window. The physical breach becomes the trigger for the cyber response.

A Platform, Not a Product

Version 6.0 is the foundation of something larger. Beyond the headline capabilities, the platform ships with a full suite of integrated capabilities that most organizations currently address with separate tools — or do not address at all.

DNS Intelligence filters and monitors DNS traffic at the network layer, blocking malicious resolution attempts and surfacing command-and-control activity before it becomes a breach. Application visibility and control gives security teams granular awareness and enforcement over application-layer traffic without deploying endpoint agents. Live traffic mapping delivers a real-time, continuously updated view of network communication relationships — who is talking to whom, over what, and whether it should be happening. Asset management ties discovery, classification, and behavioral baselining together into a continuously maintained inventory that stays current without manual updates or scheduled scans.

Compliance is built in across 21 frameworks and 258 controls — automatically scored, continuously tracked, and ready to present to an auditor without a manual documentation exercise. And with 52 active integrations across leading security platforms — including CrowdStrike, Cisco, Fortinet, Dragos, and others — PacketViper 6.0 does not replace your existing investments. It makes them work harder.

Dedicated announcements covering these capabilities are planned throughout Q2 2026.

The Economics Are Not Subtle

Enterprise security performance has always come with an enterprise price tag. PacketViper 6.0 changes that math directly.

The redesigned pipeline delivers 4.6x throughput improvement over the prior architecture on the same hardware. Deployments sustaining 500,000+ connections per second run on commodity Xeon-class servers in the $5,000-$15,000 range. Major network security appliance vendors sell purpose-built hardware for comparable throughput at $60,000 to $350,000 — before licensing.

For OT and edge deployments, the PV Edge DIN-rail fanless platform runs in field cabinets, traffic enclosures, and industrial environments where rack hardware has never been an option.

One platform. A fraction of the cost. No architectural compromise.

From the CEO

“We have spent years listening to the people who actually run these networks — not the analysts who write about them, but the engineers and operators who are responsible when something goes wrong,” said Francesco Trama, Chief Executive Officer of PacketViper. “Version 6.0 is built from those conversations. Every capability in this release exists because someone in the field told us exactly what they needed and exactly what was missing from everything else they had tried.

The Virtual Agent protection layer is the clearest example of that. OT operators have been told for years that security requires agents on endpoints. We proved that is not true. PacketViper sits on the wire, watches every conversation those devices have, and enforces without touching them. That is not a compromise. That is the right answer.”

About PacketViper

PacketViper is a preemptive cyber defense company built for the reality of converging IT and OT environments. The platform combines adaptive enforcement, automated moving target defense, air-gapped analytics, compliance intelligence, and OT-native asset protection into a unified architecture — designed for the threats that are already inside your network and the ones that have not gotten there yet.

For more information, visit www.packetviper.com.

Media Contact: press@packetviper.com

Want to see preemptive security in action?

We run demos against real traffic. No slides. No pressure.

Book a Demo