Netscout Systems, a provider of observability, AIOps, cybersecurity, and DDoS protection solutions, has announced Adaptive Threat Analytics, a new feature within its Omnis Cyber Intelligence Network Detection and Response (NDR) platform. The enhancement is designed to support faster investigation, threat hunting, and incident response by security teams.

Cybersecurity professionals continue to face pressure in the ongoing effort to detect and respond to threats before significant damage occurs. High volumes of alerts, alert fatigue, fragmented visibility due to siloed tools, and increasingly sophisticated AI-enabled attacks all contribute to the challenge. According to research from McKinsey & Company, although response times to cyber incidents have improved, it still takes organisations an average of 73 days to contain a security breach.

Comprehensive network visibility, across both north-south and east-west traffic, is crucial throughout the incident detection and response process, particularly during the 'Analyse' phase, which bridges initial detection and response actions. Adaptive Threat Analytics enables this by leveraging continuous packet capture, local storage of metadata and packet data (independent of detections), built-in packet decoding, and a flexible ad hoc query language. This combination helps analysts investigate incidents more thoroughly and hunt threats proactively, leading to more informed and timely responses.

John Grady, Principal Analyst for Cybersecurity at Enterprise Strategy Group, commented, “Network environments are becoming increasingly complex and fragmented. This expanding attack surface is being exploited by threat actors, making it more difficult for security teams to respond swiftly and accurately. As a result, continuous and unified packet-based visibility across both internal and external network traffic is now essential for effective threat detection and response.”

Omnis Cyber Intelligence applies AI-driven correlation to bring together disparate data points into coherent, high-fidelity incident narratives. This offers security operations centres (SOCs) a comprehensive view of the full attack chain. The solution is designed to operate at scale across complex IT environments and can integrate with existing cybersecurity infrastructure, including SIEM, SOAR, and XDR platforms.

Jerry Mancini, Senior Director, Office of the CTO at NETSCOUT, noted, “Security teams often lack the necessary insight to fully understand what occurred during an incident and, therefore, struggle to choose the most appropriate response. Omnis Cyber Intelligence, enhanced with Adaptive Threat Analytics, provides contextual data before, during, and after an event. This helps teams shift from reactive triage and alert tuning to a more knowledge-driven approach, reducing the mean time to resolution.”