NETSCOUT Achieves AWS Security ISV Competency in Threat Detection and Response

According to IDC, 82 percent of C-level executives say that digital business is a critical component of their overall corporate strategy and is required to meet objectives such as increasing revenue and improving operational efficiency. Speaking at IDC Directions last year, IDC Chief Research Officer Meredith Whalen called 2023 the inflection point when technology spending on digital initiatives would be greater than spending on nondigital initiatives.

The smooth operation of the corporate digital business relies on secure digital services delivered reliably across the geographically distributed hybrid-cloud infrastructure. This makes a robust corporate security posture more important than ever before—not just for mitigating corporate risks but also for successfully executing the corporate business strategy.

New Challenges for SecOps

The challenge with implementing a robust security posture in the hybrid cloud, however, is that the infrastructure is heterogeneous and geographically distributed, which both increases the attack surface and makes it more challenging for SecOps to protect. In addition, microservices architectures involving multiple networks add to the growing hybrid-cloud complexity along with a decrease in visibility.

These challenges are further exacerbated by the constant increase in threat actor activities, including state-sponsored attacks, organized crime, and hacktivists. Faced with a limited SecOps staff, companies must embrace a solution that will reduce the number of false positives and the overall time it takes to detect, validate, investigate, and respond to a security breach.

Advanced NDR Solution Mitigates Corporate Risks in the Hybrid Cloud

NETSCOUT’s Omnis Cyber Intelligence (OCI) is a platform for advanced network threat detection and response (NDR) that helps security teams enhance the corporate security posture and reduce mean time to resolution (MTTR) by intelligently and efficiently detecting, validating, investigating, and responding to threats.

OCI’s cloud-first approach to cybersecurity investigation helps companies manage threats across increasingly complex hybrid-cloud infrastructures with attack surfaces broadening as applications migrate to environments such as AWS. NETSCOUT CyberStream platforms are interoperable with and support a wide variety of AWS-native packet-acquisition technologies, including Amazon Virtual Private Cloud (VPC) traffic mirroring, VPC ingress routing, Gateway Load Balancer (GWLB), and GWLB endpoint as a target. The OCI platform integrates with AWS Security Hub and exports alerts into Amazon Security Lake.

This interoperability and ability to integrate with AWS-native technologies help to streamline the threat response and reduce MTTR. For example, interoperability with AWS-native packet-acquisition technologies enables NETSCOUT to efficiently capture packet data traversing the hybrid-cloud environment and simultaneously perform deep-packet inspection and real-time analysis at scale. NETSCOUT’s CyberStream virtual appliance monitors service-critical traffic running within cloud infrastructures and generates NETSCOUT Smart Data at its point of collection.

The OCI integration with AWS Security Hub enables security teams to quickly identify and prioritize the highest-priority alerts and then efficiently execute highly contextual drill-downs into OCI’s robust set of metadata and packets, allowing further investigation into these alerts.

Amazon Security Lake helps organizations aggregate, manage, and derive value from log and event data in the cloud and on-premises, giving security teams greater visibility into their organization’s security posture and attack surface. NETSCOUT’s compatibility with Amazon Security Lake enables it to become a custom source of security findings and detailed security insights into what’s happening in your enterprise, such as cyberthreats, security risks, and attack-surface changes. These findings are produced in the customer account by NETSCOUT CyberStream and OCI and then exported to Amazon Security Lake in Open Cybersecurity Schema Framework (OCSF) format. The OCI-exported data also meets the core requirements of an Amazon Security Lake source, including format, schema, partitioning, and performance-related aspects.

AWS Competency Proof Points

NETSCOUT has proven itself as a differentiated AWS technology partner, having achieved Security, Networking, Migration and Modernization ISV competencies. These competencies demonstrate NETSCOUT’s unique skills in areas across industries, use cases, and workloads.

The most recent NETSCOUT designation from AWS is for AWS Security ISV Competency in Threat Detection and Response. To achieve this, AWS validated that NETSCOUT offers the ability to spot issues before they impact an account and act on that knowledge to improve the security posture and reduce customers’ risk profiles.

To grant the designation of Migration and Modernization ISV Competency, AWS validated that NETSCOUT offers unique capabilities in helping enterprise customers migrate applications and legacy infrastructure to AWS.

To attain Networking ISV Competency, NETSCOUT demonstrated that it offers a set of specialized application, service, and network management solutions that auto-scale, are aligned with cloud design principles, and make it easier to use networking features in native or hybrid-cloud environments.

NETSCOUT is also an AWS Public Sector Partner, validating that NETSCOUT offers cloud-based solutions and has demonstrated experience in supporting government, space, education, and nonprofit organizations around the world.

To learn more about the AWS technology partnership and this AWS security solution, review the official press release .