Kentik provides real-time traffic analysis, threat detection, and forensic investigation capabilities. Core capabilities include: THREAT DETECTION AI-driven anomaly detection for network-probing behavior, unusual internet traffic patterns, and traffic to/from embargoed countries. DDoS detection with customizable attack profiles and low false positive rates. ATTACK RESPONSE Real-time DDoS mitigation via RTBH (Remote Triggered Black Hole)/Flowspec using own infrastructure or third-party provider integrations (Cloudflare, Radware, A10). NETWORK COMPLIANCE Identification of policy violations, RPKI enforcement validation, cloud ACL verification, BGP leak/hijack detection, and BGP reachability testing. FORENSICS & INVESTIGATION Historical data exfiltration/infiltration analysis, source identification with security and business context enrichment, user identification via flow data, blacklisted IP/domain alerting, and mis-routed traffic detection. Kentik positions as a network intelligence platform rather than point security tool. The offering is built on network flow telemetry (NetFlow/sFlow) analysis combined with threat intelligence feeds and BGP routing data. Revenue model is likely per-flow-per-month or usage-based subscription. Primary differentiation is breadth of visibility (cloud, on-premise, transit networks) and forensic depth. Targets enterprises and service providers managing complex multi-cloud or hybrid networks where traditional perimeter security is insufficient.