ASERT Research

ATLAS Security Engineering & Response Team (ASERT) delivers world-class network security research and analysis for the benefit of today’s enterprise and network operators. ASERT engineers and researchers are part of an elite group of institutions that are referred to as ‘super remediators’ and represent the best in information security.

Introducing NETSCOUT Cyber Threat Horizon

A global cybersecurity situational awareness platform, NETSCOUT CyberThreat Horizon provides highly contextualized visibility into global threat landscape activity that’s tailored for each organization’s specific vertical and geographic profile. Horizon is powered by ATLAS – NETSCOUT’s Advanced Threat Level Analysis System.

Annual DDoS & Infrastructure Security Survey

NETSCOUT Annual Worldwide Infrastructure Security Report (WISR) offers direct insights from network and security professionals at the world’s leading service provider, cloud/hosting, and enterprise organizations.

We have been conditioned over the past two decades to associate any highly-targeted activity to strategic actors using tools such as the well-crafted spear-phish, the zero-day browser exploits, or the stealthy web shell on compromised systems, and many aspects of our defense strategy revolve around these observations.

The emergence and potency of internet-scale attacks has changed the game. Threat actors launch strategic campaigns that compromise and use a vast array of devices related solely by internet connectivity.

Previously, strategic actors deployed large quantities of devices, often in the form of bot-net armies, for availability-based attacks. Now, we are seeing a marked change where strategic nation-state actors or cybercrime groups use thousands of devices across geographically dispersed regions for confidentiality-based attacks, indiscriminately or highly targeted. The impact and scale of attacks, such as VPNFilter, are at a level not seen before--and as it becomes easier and cheaper to launch such attacks, is likely only the beginning. Worse, organizations may be unprepared to defend against these types of attacks, or even to tell whether their infrastructure is an unwitting contributor to the problem.

NETSCOUT Threat Intelligence is an ally in the war against internet-scale threats. We have the visibility through our internet-level data and telemetry to see and observe impacts worldwide, and then identify and remediate the threats.


We observe, identify, and remediate threats unfolding across the internet using our Active Threat Level Analysis System (ATLAS®), which collects, analyzes, prioritizes, and disseminates data on emerging threats across one-third of the internet. We have the ability to collect data from a diverse array of sources–from enterprises and service providers to dark web and botnet traffic–and glue it together to form a complete picture.


Our world-class ATLAS Security and Engineering Research Team (ASERT) deeply researches malware campaigns and botnets at a global level, providing much-needed context to the overall threat environment. By studying the infrastructure, the command and control, we collect data on more than 125 actor sets across 30 nations and monitor real-time communications from more than 40 botnets. Using automated malware analysis pipelines, sinkholes, scanners, honeypots, open-source intelligence data sets and ASERT analysis, we can provide a unique view in the threat landscape.


NETSCOUT Threat Intelligence enables customers to directly benefit from the depth and breadth of our data collection and analysis and offers this visibility through the ATLAS Intelligence Feed (AIF). This ASERT service directly supports the strong portfolio of NETSCOUT products designed for both enterprise and service provider networks. As new attack information is discovered, the AIF is updated, and changes are delivered automatically via a subscription over a secured SSL connection, arming customers with the latest threat intelligence necessary to thwart modern-day DDoS attacks or advanced threats.

"Pervasive visibility into network, application and routing traffic allows Neo Telecoms to make more informed decisions about security incidents, transit partners, network architecture, customers and new IP services. Arbor's technology is purpose built for sophisticated IP-based networks like Neo Telecoms."
CTO, Neo Telecoms

"The ATLAS Intelligence Feed delivers DDoS signatures in real time to keep the enterprise data center edge protected against hundreds of botnet-fueled DDoS attack toolsets and their variants."
Frost & Sullivan
Source: Why Anti-DDoS Products are Critical for Today’s Business Environment

"SP not only provides network-wide visibility and protection against attacks, it provides the analysis and reporting we need to communicate with executive management about the threats facing our network."
Yahoo! Chief Architect

"The partnership with Arbor enables us to meet our needs today and as we grow in the future. Not only is Arbor delivering a valuable network visibility and security solution, but their solution enables us to offer new types of value-added service offerings for customers."
CEO, Hunan Mobile

  • Data Sheet
  • Webinar

ATLAS Intelligence Feed for Arbor APS & NETSCOUT AED

The AIF from Arbor empowers users with policies and countermeasures to address attacks as part of an advanced threat or DDoS attack. The information provided enables network and security operations teams to ensure the latest threat protections are available and defending their Enterprise environment. The AIF is a service of the Arbor Security Engineering and Response Team (ASERT), and directly benefits Enterprise networks from the depth and breadth of Arbor’s research.

View PDF

ATLAS Intelligence Feed for Arbor Sightline & Threat Mitigation System

The AIF from Arbor empowers users with policies and countermeasures to address attacks as part of an advanced threat or DDoS attack. The information provided helps ensure that large networks and peering environments are able to detect and protect against the latest threats that enter or leave their networks. The AIF is a service of the Arbor Security Engineering and Response Team (ASERT), and was designed for the largest networks to benefits from the depth and breadth of Arbor’s research.

View PDF

How Can Arbor's Global Visibility Help You?

View Video