
NETSCOUT Boosts Cyber Threat Detection and Response with New Analytics Capability

NETSCOUT has announced Adaptive Threat Analytics. This new enhancement to its Omnis Cyber Intelligence Network Detection and Response (NDR) solution is designed to improve incident response and reduce risk for security teams, enabling them to investigate, hunt, and respond to cyber threats more rapidly.

Cybersecurity professionals face a continuous challenge in detecting and responding to threats swiftly. Issues such as alert fatigue, increasing alert volumes, fragmented visibility from siloed tools, and the emergence of AI-enabled adversaries create a pressing need for faster and more effective response plans. According to McKinsey & Company, despite recent improvements in response times to cyber risks, organizations still take an average of 73 days to contain an incident.

Adaptive Threat Analytics aims to address these challenges by providing continuous network packet capture and local storage of metadata and packet data. This comprehensive north-south and east-west network visibility is crucial, particularly during the ‘Analyze’ phase between threat ‘Detection’ and ‘Response’. The new capability uses artificial intelligence and machine learning (AI/ML) to correlate security events and conduct real-time analysis of network traffic. This process converts disparate events into cohesive, high-fidelity incidents, offering a holistic and actionable view of the entire attack chain.

“Security teams often lack the specific knowledge to understand exactly what happened to be able to choose the best response,” stated Jerry Mancini, senior director, Office of the CTO, NETSCOUT. “Omnis Cyber Intelligence with Adaptive Threat Analytics provides ‘big picture’ data before, during, and after an event that helps teams and organizations move from triage uncertainty and tuning to specific knowledge essential for reducing the mean time to resolution.”

NETSCOUT highlights that Adaptive Threat Analytics offers superior scalability and cost-effective NDR capabilities across complex IT environments. It also integrates easily into existing cybersecurity ecosystems, including Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), or Extended Detection and Response (XDR) platforms.
