NetScout Systems has announced Adaptive Threat Analytics, a new enhancement to its Omnis Cyber Intelligence Network Detection and Response (NDR) solution, designed to improve incident response and reduce risk. Adaptive Threat Analytics enables security teams to investigate, hunt, and respond to cyber threats more rapidly.
Cybersecurity professionals face a challenge in the race against time to detect and respond appropriately to cyber threats before it is too late. Alert fatigue, increasing alert volume, fragmented visibility from siloed tools, and cunning AI-enabled adversaries create a compelling need for a faster and more effective response plan. McKinsey & Company noted last year that despite a decline in response time to cyber-related risks in recent years, organisations still take an average of 73 days to contain an incident.
In the threat detection and incident response process, comprehensive north-south and east-west network visibility plays a critical role in all phases, but none more so than the ‘Analyse’ phase between ’Detection’ and ‘Response.’ Adaptive Threat Analytics utilises continuous network packet capture and local storage of metadata and packets independent of detections, built-in packet decodes, and a flexible ad hoc querying language, enabling more rapid threat investigation and proactive hunting. This provides SOC analysts with the specific knowledge needed to determine and execute the proper response more efficiently.
“Security teams often lack the specific knowledge to understand exactly what happened to be able to choose the best response,” says Jerry Mancini, senior director: Office of the chief technology officer of NetScout. “Omnis Cyber Intelligence with Adaptive Threat Analytics provides ‘big picture’ data before, during, and after an event that helps teams and organisations move from triage uncertainty and tuning to specific knowledge essential for reducing the mean time to resolution.”