Hierarchical ML-based Threat Analytics at Source Optimizes Threat Detection and Matures Zero Trust Security Architecture
NETSCOUT SYSTEMS, a leading provider of enterprise performance management, carrier service assurance, cybersecurity, and DDoS protection solutions, announced its next-generation Omnis Cyber Intelligence (OCI) solution. OCI is an advanced network detection and response (NDR) solution that uses highly scalable deep packet inspection (DPI) and multiple threat detection methods at the source of packet capture to detect threats in real time and allows historical investigation of high-fidelity network metadata and packets.
Latest Cioinfluence Interview: CIO Influence Interview with Joe Ramieri, VP of North America at Instabase
“For enterprise-level organizations to reach Zero Trust maturity, comprehensive network visibility is essential”
In the face of rising cyber threats, OCI provides security teams with real-time packet-level visibility across their digital infrastructure. It helps identify threats earlier in the attack life cycle and quickens investigations by gathering network-based forensic evidence to reduce the Mean Time to Response (MTTR). OCI is a valuable tool for verifying the effectiveness and improving the existing cybersecurity ecosystem, ensuring compliance, and lowering the risk of successful cyberattacks.
Next-generation features include:
- Hierarchical threat detection that combines ML-based behavioral analysis, threat intelligence, intrusion detection signatures, and continuous attack surface monitoring to detect threats at scale with higher confidence.
- A new security event dashboard with mappings to the MITRE ATT&CK® framework that reduces the time needed for security operations center (SOC) teams to triage alerts and conduct more efficient threat analysis.
- Enhanced data optimization and export capabilities that improve and reduce the cost of integration into existing security ecosystems such as Splunk, Palo Alto Networks, or custom data lakes.
“For enterprise-level organizations to reach Zero Trust maturity, comprehensive network visibility is essential,” said John Grady, principal analyst for network security at TechTarget’s Enterprise Strategy Group. “Security analysts can no longer rely solely on traditional network perimeter or endpoint defenses. Insight at the packet level is required to verify compliance with new security standards as network edges blur. NETSCOUT’s unique source of high-fidelity network metadata and deep integrations throughout the cybersecurity ecosystem combine to make Omnis Cyber Intelligence a compelling solution for efficient detection, investigation, and analysis of threats as they move across highly distributed and complex modern-day networked infrastructure.”
Read More About Cioinfluence Interview: CIO Influence Interview with Michael Berthold, CEO at KNIME
OCI leverages NETSCOUT’s Visibility Without Borders Platform for deep packet inspection at scale, which provides comprehensive north-south and east-west network visibility across an organization’s entire digital infrastructure, including Colo’s and public clouds such as AWS, Google Cloud, and Microsoft Azure. The solution helps security teams perform more efficient real-time and historical threat analysis by seeing beyond traditional network perimeter and endpoint-limited defenses to continuously scan for signs of an attack.
“As cyberattacks continue to grow more sophisticated and numerous, organizations need greater visibility into their networks and higher fidelity data to quickly catch and mitigate attacks before they have a chance to spread and inflict serious damage,” said Sanjay Munshi, senior vice president, product management, NETSCOUT. “Based on customer input, our engineers have worked hard to build a more advanced network detection and response (NDR) solution that makes organizations’ security stacks more effective, supported by deep integrations with leading vendors like Splunk, Palo Alto Networks, and AWS. Additionally, customers can now export and use our high-fidelity network data to improve the accuracy of their AI/ML-based threat detection algorithms.”
Browse The Complete Interview About Cioinfluence: CIO Influence Interview with Filip Verloy, Field CTO for the EMEA Region at Noname Security
[To share your insights with us, please write to sghosh@martechseries.com]