At NETSCOUT, we take security very seriously. NETSCOUT follows a Secure Software Development Lifecycle (Secure SDLC) model which incorporates security by design throughout all phases of product development, testing, release, and post-release support. We maintain a security assurance team to serve as expert advisors to product developers at NETSCOUT, providing the resources and advice needed to integrate security into our development process and enabling continuous improvement and consistency in our security practices.

NETSCOUT developers and testers receive regular training on security issues. Before any product is released, we conduct thorough security scans to uncover and address vulnerabilities. Our product testers perform numerous automated and manual security vulnerability tests prior to release, and respond to field issues in a timely manner post-release.

NETSCOUT has well-defined processes to address vulnerabilities discovered in the field. Our rigorous program enables us to identify potential impacts and respond in a timely manner by analyzing multiple sources for reported vulnerabilities, such as the Common Vulnerabilities and Exposures (CVEs) database. NETSCOUT responds to known vulnerabilities within published timeframes to help our customers stay informed and protect their technology environments.

Our program for Vulnerability Management includes:

Pre-release security by design

  1. Built-in security through a Secure SDLC model.
  2. Secure build environment using industry standard tools and processes.
  3. Vulnerability scans using industry-standard scanners – automatic and manual.

Post-Release updates

  1. Continuous monitoring of industry-standard reporting bodies, e.g., CVEs.

Vulnerability response mechanism

  1. Time-bound response mechanism
  2. Fix release through patch, MR, new major or minor release, or third-party update patch.

Vulnerability communication mechanism

  1. Subscription-based customer notifications.

Products Designed with Security at their Foundation

NETSCOUT products are designed around security-hardened operating systems with appropriate built-in controls for user access and secure transmission of data. Additional security options, such as encrypted disks, are offered to further secure our systems.

NETSCOUT product security measures include:

Hardened operating systems

Use of hardened operating systems that remove unnecessary services, implement port access restrictions, enable access auditing, and include other security features.

SSL protocols

Information transfer between NETSCOUT products uses secure encrypted protocols using SSL.

Encrypted disks

Making available appliances with encrypted disks.

Compliance standards

Compliance with appropriate industry standards.

Encrypted passwords

Secure encrypted password storage and management within the products.

Third-party software

Reduction in usage and, where possible, elimination of third-party software within our products.