Netscout has rolled out its Omnis Cyber Intelligence (OCI) solution, an advanced network detection and response (NDR) platform, the company announced this week.
Netscout is an enterprise performance management provider that enables organizations to see across networks, data centers, clouds and 5G mobile networks. OCI is the second product the company has unwrapped in the past two weeks, having previously debuted its Arbor Edge Defense (AED) inline security appliance that offers machine learning-based Adaptive DDoS protection.
Threat Detection that Runs Deep
OCI is an NDR solution that uses highly scalable deep packet inspection (DPI) and multiple threat detection methods at the source of packet capture to detect threats in real time, and that allows historical investigation of high-fidelity network metadata and packets, Netscout explained.
OCI features include:
- Hierarchical threat detection combines ML-based behavioral analysis, threat intelligence, intrusion detection signatures, and continuous attack surface monitoring to detect threats at scale with higher confidence.
- A new security event dashboard with mappings to the MITRE ATT&CK® framework reduces the time needed for security operations center (SOC) teams to triage alerts and conduct more efficient threat analysis.
- Enhanced data optimization and export capabilities improve integration into existing security ecosystems such as Splunk, Palo Alto Networks, or custom data lakes, and reduce its cost.
Netscout Exec Emphasizes Network Visibility
Sanjay Munshi, Netscout senior vice president of Product Management, said that as cyberattacks grow, organizations need greater visibility into their networks:
“As cyberattacks continue to grow more sophisticated and numerous, organizations need greater visibility into their networks and higher fidelity data to quickly catch and mitigate attacks before they have a chance to spread and inflict serious damage. Based on customer input, our engineers have worked hard to build a more advanced network detection and response solution that makes organizations’ security stacks more effective, supported by deep integrations with leading vendors like Splunk, Palo Alto Networks, and AWS. Additionally, customers can now export and use our high-fidelity network data to improve the accuracy of their AI/ML-based threat detection algorithms.”