NETSCOUT Combats Sophisticated Threats with Omnis Cyber Intelligence

By Greg Tavarez, TMCnet Editor  |  July 28, 2023

Cyberattacks are more sophisticated today, and they will continue to evolve and likely grow in number. As an example, SonicWall’s Cyber Threat Report saw malware surging to 5.5 billion attacks. Traditional reliance on network perimeter or endpoint defenses is therefore no longer sufficient to combat these increasingly sophisticated and numerous attacks.

Security analysts recognize the pivotal role of comprehensive network visibility, which offers higher-fidelity data to rapidly detect and neutralize potential threats before they can wreak havoc. This means that zero trust maturity is a must.

Helping enterprise-level organizations reach that pinnacle is NETSCOUT, a provider of enterprise performance management, carrier service assurance, cybersecurity and DDoS protection solutions, and its next-generation Omnis Cyber Intelligence, or OCI solution.

OCI is an advanced network detection and response, or NDR, solution that uses highly scalable deep packet inspection, or DPI, and multiple threat detection methods at the source of packet capture to detect threats in real time, and that allows historical investigation of high-fidelity network metadata and packets.

OCI uses NETSCOUT’s Visibility Without Borders Platform for security-focused deep packet inspection at scale and provides teams with real-time packet-level visibility across their digital infrastructure. It helps identify threats earlier in the attack life cycle and quickens investigations by gathering network-based forensic evidence to reduce the Mean Time to Response, or MTTR.

The solution helps security teams perform more efficient real-time and historical threat analysis by seeing beyond traditional network perimeter and endpoint-limited defenses to continuously scan for signs of an attack.

Its next-generation features include:

  • Hierarchical threat detection that combines ML-based behavioral analysis, threat intelligence, intrusion detection signatures and continuous attack surface monitoring to detect threats at scale with higher confidence.
  • A new security event dashboard with mappings to the MITRE ATT&CK framework that reduces the time needed for security operations center teams to triage alerts and conduct more efficient threat analysis.
  • Enhanced data optimization and export capabilities that improve and reduce the cost of integration into existing security ecosystems such as Splunk, Palo Alto Networks or custom data lakes.

“Our engineers have worked hard to build a more advanced network detection and response solution that makes organizations’ security stacks more effective, supported by deep integrations with leading vendors like Splunk, Palo Alto Networks and AWS,” said Sanjay Munshi, Senior Vice President, Product Management, NETSCOUT. “Additionally, customers can now export and use our high-fidelity network data to improve the accuracy of their AI/ML-based threat detection algorithms.”

OCI is a valuable tool for verifying the effectiveness of, and improving, the existing cybersecurity ecosystem, ensuring compliance, and lowering the risk of successful cyberattacks.




Edited by Alex Passett