DATA SECURITY

NETSCOUT Announces Availability of Omnis Cyber Intelligence

NETSCOUT | November 08, 2021

NETSCOUT SYSTEMS, INC.a leading provider of cybersecurity, service assurance, and business analytics solutions, today announced the availability of Omnis® Cyber Intelligence (OCI), the industry's fastest and most scalable network security software solution, built on the foundation of the industry's most prominent network monitoring and packet recording and analysis technology. It uniquely detects and investigates suspicious activities in real-time and retrospectively, identifies threats early in the attack life cycle to prevent infections from spreading, stops future attacks, and identifies compromised assets.

With cyberattacks increasing and breaches making front-page news, IT security teams find that their existing tools are no match for this growing threat, and both their expenses and their cyber risk are growing out of control. This is the case because the typical data sets feeding these tools are reactive, not granular, and do not extend to the earliest indications of a potential attack.

NETSCOUT's approach to turn the situation around is to leverage its market-leading visibility technology to increase the range and depth of security intelligence and make it accessible to security teams in real-time. The solution consists of an analytics stack and cyber security software sensors called Omnis CyberStreams.

NETSCOUT's Omnis Cyber Intelligence arms security teams with proactive, actionable intelligence helping them to:
  • Perform continuous scanning and analysis for reconnaissance to detect attacks earlier, minimizing exposure and, in many cases, thwarting the threat.
  • Rapidly access high-resolution historical evidence far back in time to understand how an attack started to prevent similar breaches and stop ongoing malicious activity.
  • Monitor exposed attack surfaces within their infrastructure to optimize the effectiveness of the defenses deployed.
  • Evaluate the extent of penetration and impacted assets when attacks occur to prevent malware from spreading.
  • Deploy on-premises, in virtualized data centers, and the public cloud, supporting an organization's evolving deployment preferences without impacting security governance and workflows.
  • Integrate with their security ecosystem through APIs and partnerships with leading vendors such as Splunk, Palo Alto Networks, and AWS.
As a result, the effectiveness of customers' existing security tools and the productivity of analysts improve, and they can get ahead of the vicious cycle of both rising costs and rising cyber risk.

"NETSCOUT's unique ASI technology allows companies to truly unlock the actionable intelligence embedded in network transactions and packets,Where others have failed, NETSCOUT has made the use of packet data fast and affordable with their patented metadata extraction, intelligent reduction, and indexing. Omnis Cyber Intelligence provides security analysts with the information they need to quickly and accurately assess the scope and scale of an incident and reduce the associated risk and negative impact."

Christopher Kissel, research director, security and trust products, IDC

"Enterprises have invested heavily in cybersecurity solutions, but they are largely ineffective because they lack the actionable visibility needed to spot attacks before they have broad impact," stated Sanjay Munshi, vice president, product management, NETSCOUT. "As attack surfaces expand, the Omnis Cyber Intelligence solution extends throughout the infrastructure, integrates into existing ecosystems, and becomes part of the growing movement towards XDR, using meaningful metadata, or smart data, and powerful cyber analytics to quickly get to the root cause of the cybersecurity issue and mitigate risk."

About NETSCOUT
NETSCOUT SYSTEMS, INC. helps assure digital business services against security, availability, and performance disruptions. Our market and technology leadership stems from combining our patented smart data technology with smart analytics. We provide real-time, pervasive visibility and insights customers need to accelerate and secure their digital transformation. Omnis® Cyber Intelligence delivers the fastest and most scalable network security solution available on the market. NETSCOUT nGenius® service assurance solutions provide real-time, contextual analysis of service, network, and application performance. And Arbor® Smart DDoS Protection by NETSCOUT products help protect against attacks that threaten availability and advanced threats that infiltrate networks to steal critical business assets.

Spotlight

Unfortunately, government agencies have not escaped the scourge of data breaches. In 2012, 43 data breaches, representing approximately 6.7 million records, were attributed to government and military agencies, according to the Privacy Rights Clearinghouse. To adequately address database concerns, federal IT managers need to embrace a four-step security framework.

Spotlight

Unfortunately, government agencies have not escaped the scourge of data breaches. In 2012, 43 data breaches, representing approximately 6.7 million records, were attributed to government and military agencies, according to the Privacy Rights Clearinghouse. To adequately address database concerns, federal IT managers need to embrace a four-step security framework.

Related News

DATA SECURITY

SentinelOne and Cribl Partner to Deliver Data Flexibility Across Cybersecurity and Observability

Cribl | August 04, 2022

Cribl, the leader in enabling open observability, today announced a new partnership with SentinelOne, an autonomous cybersecurity platform company. The partnership enables SentinelOne customers to leverage Cribl's observability product suite to streamline cybersecurity triage, optimize data collection, and provide security teams control of their data. By integrating Cribl's observability product suite with Singularity XDR, SentinelOne customers can now unlock the value of all observability data. Key benefits include the ability to: 1) Operationalize endpoint and extended detection and response (EDR & XDR) of data sources in joint customer environments, 2) Streamline for triage and investigative functions in the Security Operations Center (SOC), and 3) Progress cybersecurity programs with enhanced threat intelligence, threat hunting, and adversary simulation. "Today's cybersecurity risk levels are increasingly associated with the ability to understand data across enterprise assets. "Our partnership with Cribl helps optimize data collection at scale, enabling security teams to minimize risk and save time." Chuck Fontana, SVP Business Development at SentinelOne "We're excited to partner with the SentinelOne team," said Zac Kilpatrick, VP of Channel and Alliances at Cribl. "To keep up with persistent threats and the ever-changing security landscape, SOC activity must move from reactivity to proactivity. SentinelOne's autonomous and proactive approach to cybersecurity is differentiated in the market and aligns with Cribl's objective of optimizing analytics platform cost and performance." Integration with SentinelOne's Cloud Funnel Cribl's product suite now integrates with SentinelOne's Cloud Funnel, a data subscription enabling XDR data to be stored locally in an enterprise's data lake. This solution works with any data type, such as file, process, DNS, flow, behavioral, registry, commands, scripts, and more. Cloud Funnel's flexibility provides SentinelOne customers the ability to choose which data type they need, optimize it to find the right signal, and route it for maximum efficiency - all at machine speed. Integration with DataSet Cribl Stream now supports SentinelOne's DataSet as a destination to seamlessly route data from legacy log analytics solutions. DevOps and IT teams choose DataSet to analyze data in real-time, effortlessly scale to petabytes, and cost-effectively retain data for longer periods of time for compliance and audit purposes. The new integration enables Cribl customers to pipeline their data to DataSet without changing their data instrumentation, collection, and ingestion. SentinelOne and Cribl will also continue bringing new offerings to market, including integrating Cribl Stream into SentinelOne's Singularity XDR platform. About Cribl Cribl makes open observability a reality for today's tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It's enterprise software that doesn't suck, enables tech professionals to do what they need to do, and gives them the ability to say "Yes." With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA.

Read More

SOFTWARE SECURITY

CertiK Reaches for the Skies With the Release of Its New Security Services

CertiK | July 16, 2022

CertiK, the leading global Web3 and blockchain security firm, today announced the launch of several web3 Skynet security features to bolster end-to-end security for the web3 world. New features include: Skynet Trust Score - a new scoring mechanism aimed at simplifying the definition of crypto project risk, increasing transparency into scoring mechanisms and demonstrating market health. Skynet Cohort Analysis Panel - a way for projects to see how they rank against other similar projects in order to help users contextualize the risk of a project by displaying its performance against comparable projects. Badges and honors for project achievements to strengthen credentials in their respective fields The Skynet service, launched in June 2021, uses a comprehensive set of signals, curated from code scanning analysis, on chain security analytics, and machine learning to provide 24/7 monitoring of threats for crypto projects. To date, Skynet has helped to protect and monitor over 4 billion transactions. As part of its strategy, CertiK set out on a mission to address both business and consumer value services through its security leaderboard found on its website. Delivering on this promise, CertiK’s release of new Skynet features provides further simplicity and transparency to consumers around project risk, while also giving credit to projects where needed through badges and honors. “We’re very excited to launch these new Skynet features. “Through feedback from customers and the community, we’ve recognized the need to innovate around security risk in a simpler way that caters to both business and consumer needs. This is just the beginning of our journey as we continue to innovate in response to community needs and deliver on our promise of securing the web3 world.” Kevin Liu, Chief Product Officer at CertiK As part of its portfolio expansion, CertiK also recently released on its Twitter an autonomous security alert channel, which provides real-time alerts to the community on hacks, flash loan attacks, rugpulls and suspicious activity. To date, CertiK has flagged over $1.45 Billion in security incidents since the release of the service in February this year. The growing demand for Web3 security has driven further development and operation of more innovative and data-driven security products for the blockchain industry. CertiK is meeting these demands through innovative products like Security Leaderboard, Code Auditing, KYC and now this next series of Skynet security features. About CertiK CertiK’s mission is to secure the Web3 world. Starting with blockchain, CertiK applies cutting-edge innovations from academia into Enterprise, enabling mission-critical applications to be built with security and accuracy. Headquartered in New York City, CertiK was founded by computer science professors Ronghui Gu and Zhong Shao. CertiK is backed by industry leaders, including Insight Partners, Tiger Global, Sequoia, Coatue Management, Advent International, Goldman Sachs, Lightspeed, SoftBank Vision Fund 2, Hillhouse Capital, Binance, Coinbase Ventures, and more.

Read More

PLATFORM SECURITY

Sophos Announces Sophos X-Ops

Sophos | July 21, 2022

Sophos, a global leader in next-generation cybersecurity, today announced Sophos X-Ops, a new cross-operational unit linking SophosLabs, Sophos SecOps and Sophos AI, three established teams of cybersecurity experts at Sophos, to help organizations better defend against constantly changing and increasingly complex cyberattacks. Sophos X-Ops leverages the predictive, real-time, real-world, and deeply researched threat intelligence from each group, which, in turn, collaborate to deliver stronger, more innovative protection, detection and response capabilities. Sophos today is also issuing “OODA: Sophos X-Ops Takes on Burgeoning SQL Server Attacks,” research about increased attacks against unpatched Microsoft SQL servers and how attackers used a fake downloading site and grey-market remote access tools to distribute multiple ransomware families. Sophos X-Ops identified and thwarted the attacks because the Sophos X-Ops teams combined their respective knowledge of the incidents, jointly analyzed them, and took action to quickly contain and neutralize the adversaries. “Modern cybersecurity is becoming a highly interactive team sport, and as the industry has matured, necessary analysis, engineering and investigative specializations have emerged. Scalable end-to-end operations now need to include software developers, automation engineers, malware analysts, reverse engineers, cloud infrastructure engineers, incident responders, data engineers and scientists, and numerous other experts, and they need an organizational structure that avoids silos,” said Joe Levy, chief technology and product officer, Sophos. “We’ve unified three globally recognized and mature teams within Sophos to provide this breadth of critical, subject matter and process expertise. Joined together as Sophos X-Ops, they can leverage the strengths of each other, including analysis of worldwide telemetry from more than 500,000 customers, industry-leading threat hunting, response and remediation capabilities, and rigorous artificial intelligence to measurably improve threat detection and response. Attackers are often too organized and too advanced to combat without the unique combined expertise and operational efficiency of a joint task force like Sophos X-Ops.” Speaking in March 2022 to the Detroit Economic Club about the FBI partnering with the private sector to counter the cyber threat, FBI Director Christopher Wray said, “What partnership lets us do is hit our adversaries at every point, from the victims’ networks back all the way to the hackers’ own computers, because when it comes to the FBI’s cyber strategy, we know trying to stand in the goal and block shots isn’t going to get the job done. “We’re disrupting three things: the threat actors, their infrastructure and their money. And we have the most durable impact when we work with all of our partners to disrupt all three together.” Sophos X-Ops is taking a similar approach: gathering and operating on threat intelligence from its own multidisciplinary groups to help stop attackers earlier, preventing or minimizing the harms of ransomware, espionage or other cybercrimes that can befall organizations of all types and sizes, and working with law enforcement to neutralize attacker infrastructure. While Sophos’ internal teams already share information as a matter of course, the formal creation of Sophos X-Ops drives forward a faster, more streamlined process necessary to counter equally fast-moving adversaries. “Effective cybersecurity requires robust collaboration at all levels, both internally and externally; it is the only way to discover, analyze and counter malicious cyber actors at speed at scale. Combining these separate teams into Sophos X-Ops shows that Sophos understands this principle and is acting on it.” Michael Daniel, president and CEO, Cyber Threat Alliance Sophos X-Ops also provides a stronger cross-operational foundation for innovation, an essential component of cybersecurity due to the aggressive advancements in organized cybercrime. By intertwining the expertise of each group, Sophos is pioneering the concept of an artificial intelligence (AI) assisted Security Operations Center (SOC), which anticipates the intentions of security analysts and provides relevant defensive actions. In the SOC of the future, Sophos believes this approach will dramatically accelerate security workflows and the ability to more quickly detect and respond to novel and priority indicators of compromise. “The adversary community has figured out how to work together to commoditize certain parts of attacks while simultaneously creating new ways to evade detection and taking advantage of weaknesses in any software to mass exploit it. The Sophos X-Ops umbrella is a noted example of stealing a page from the cyber miscreants’ tactics by allowing cross-collaboration amongst different internal threat intelligence groups,” said Craig Robinson, IDC research vice president, Security Services. “Combining the ability to cut across a wide breadth of threat intelligence expertise with AI assisted features in the SOC allows organizations to better predict and prepare for imminent and future attacks.” About Sophos Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today’s most advanced cyberthreats. Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks. Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors. Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide.

Read More