Omnis Cyber Intelligence promises advanced network detection and response

Hierarchical ML-based threat analytics at source optimises threat detection and matures Zero Trust security architecture.

  • 1 year ago Posted in

NETSCOUT SYSTEMS has introduced its next-generation Omnis Cyber Intelligence (OCI) solution. OCI is an advanced network detection and response (NDR) solution that uses highly scalable deep packet inspection (DPI) and multiple threat detection methods at the source of packet capture to detect threats in real time and allows historical investigation of high-fidelity network metadata and packets.

In the face of rising cyber threats, OCI provides security teams with real-time packet-level visibility across their digital infrastructure. It helps identify threats earlier in the attack life cycle and quickens investigations by gathering network-based forensic evidence to reduce the Mean Time to Response (MTTR). OCI is a valuable tool for verifying the effectiveness and improving the existing cybersecurity ecosystem, ensuring compliance, and lowering the risk of successful cyberattacks.

Next generation features include:

Hierarchical threat detection that combines ML-based behavioural analysis, threat intelligence, intrusion detection signatures, and continuous attack surface monitoring to detect threats at scale with higher confidence

A new security event dashboard with mappings to the MITRE ATT&CK® framework that reduces the time needed for security operations centre (SOC) teams to triage alerts and conduct more efficient threat analysis

Enhanced data optimisation and export capabilities that improve and reduce the cost of integration into existing security ecosystems such as Splunk, Palo Alto Networks, or custom data lakes

“For enterprise-level organisations to reach Zero Trust maturity, comprehensive network visibility is essential,” said John Grady, principal analyst for network security at TechTarget’s Enterprise Strategy Group. “Security analysts can no longer rely solely on traditional network perimeter or endpoint defences. Insight at the packet level is required to verify compliance with new security standards as network edges blur. NETSCOUT’s unique source of high-fidelity network metadata and deep integrations throughout the cybersecurity ecosystem combine to make Omnis Cyber Intelligence a compelling solution for efficient detection, investigation, and analysis of threats as they move across highly distributed and complex modern-day networked infrastructure.”  

 

OCI leverages NETSCOUT’s Visibility Without Borders Platform for deep packet inspection at scale, which provides comprehensive north-south and east-west network visibility across an organisation’s entire digital infrastructure, including Colo’s and public clouds such as AWS, Google Cloud, and Microsoft Azure. The solution helps security teams perform more efficient real-time and historical threat analysis by seeing beyond traditional network perimeter and endpoint-limited defences to continuously scan for signs of an attack.

 

“As cyberattacks continue to grow more sophisticated and numerous, organisations need greater visibility into their networks and higher fidelity data to quickly catch and mitigate attacks before they have a chance to spread and inflict serious damage,” said Sanjay Munshi, senior vice president, product management, NETSCOUT. “Based on customer input, our engineers have worked hard to build a more advanced network detection and response (NDR) solution that makes organisations’ security stacks more effective, supported by deep integrations with leading vendors like Splunk, Palo Alto Networks, and AWS. Additionally, customers can now export and use our high-fidelity network data to improve the accuracy of their AI/ML-based threat detection algorithms.”

54% of consumers don’t know how much personal data AI tools collect.
By Alan Jacobson, Chief Data and Analytics Officer, Alteryx.
Research finds that the industry is struggling with a growing resource and skills gap while...
Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...