NETSCOUT SYSTEMS, INC. announced its next-generation Omnis Cyber Intelligence (OCI) solution.
July 2023 by Marc Jacob
OCI is an advanced network detection and response (NDR) solution that uses highly scalable deep packet inspection (DPI) and multiple threat detection methods at the source of packet capture to detect threats in real time and allows historical investigation of high-fidelity network metadata and packets.
In the face of rising cyber threats, OCI provides security teams with real-time packet-level visibility across their digital infrastructure. It helps identify threats earlier in the attack life cycle and speeds up investigations by gathering network-based forensic evidence to reduce the Mean Time to Response (MTTR). OCI is a valuable tool for verifying the effectiveness of, and improving, the existing cybersecurity ecosystem, ensuring compliance, and lowering the risk of successful cyberattacks.
Next-generation features include:
• Hierarchical threat detection that combines ML-based behavioural analysis, threat intelligence, intrusion detection signatures, and continuous attack surface monitoring to detect threats at scale with higher confidence
• A new security event dashboard with mappings to the MITRE ATT&CK® framework that reduces the time needed for security operations centre (SOC) teams to triage alerts and conduct more efficient threat analysis
• Enhanced data optimisation and export capabilities that improve integration into existing security ecosystems, such as Splunk, Palo Alto Networks, or custom data lakes, and reduce its cost
OCI leverages NETSCOUT’s Visibility Without Borders Platform for deep packet inspection at scale, which provides comprehensive north-south and east-west network visibility across an organisation’s entire digital infrastructure, including colocation facilities and public clouds such as AWS, Google Cloud, and Microsoft Azure. The solution helps security teams perform more efficient real-time and historical threat analysis by seeing beyond traditional network-perimeter and endpoint-limited defences to continuously scan for signs of an attack.