ASERT Research
ATLAS Security Engineering & Response Team (ASERT) delivers world-class network security research and analysis for the benefit of today’s enterprise and network operators. ASERT engineers and researchers are part of an elite group of institutions that are referred to as ‘super remediators’ and represent the best in information security.
Introducing NETSCOUT Omnis Threat Horizon
A global cybersecurity situational awareness platform, NETSCOUT Omnis Threat Horizon provides highly contextualized visibility into global threat landscape activity that’s tailored for each organization’s specific vertical and geographic profile. Horizon is powered by ATLAS – NETSCOUT’s Advanced Threat Level Analysis System.
Threat Intelligence Report
NETSCOUT’s bi-annual Threat Intelligence Report offers unique insight into worldwide DDoS attack activity and other threats
Thanks to advanced global threat intelligence research, we have been conditioned over the past two decades to associate any highly-targeted activity to strategic actors using tools such as the well-crafted spear-phish, the zero-day browser exploits, or the stealthy web shell on compromised systems, and many aspects of our defense strategy revolve around these observations.
The emergence and potency of internet-scale attacks has changed the game. Threat actors launch strategic campaigns that compromise and use a vast array of devices related solely by internet connectivity.
Real-Time Advanced Threat Intelligence & Analytics
Previously, strategic actors deployed large quantities of devices, often in the form of bot-net armies, for availability-based attacks. Now, advanced DDoS threat analytics are showing a marked change where strategic nation-state actors or cybercrime groups use thousands of devices across geographically dispersed regions for confidentiality-based attacks, indiscriminately or highly targeted. The impact and scale of attacks, such as VPNFilter, are at a level not seen before--and as it becomes easier and cheaper to launch such attacks, is likely only the beginning. Worse, organizations may be unprepared to defend against these types of attacks, or even to tell whether their infrastructure is an unwitting contributor to the problem.
NETSCOUT’s Threat Intelligence is an ally in the war against internet-scale threats. We have the visibility through our internet-level data and telemetry to see and observe impacts worldwide, and then identify and remediate the threats thanks to ASERT’s deep real-time advanced threat intelligence research.
ATLAS
We observe, identify, and remediate threats unfolding across the internet using our Active Threat Level Analysis System (ATLAS®), which collects, analyzes, prioritizes, and disseminates data on emerging threats across one-third of the internet. We have the ability to collect data from a diverse array of sources–from enterprises and service providers to dark web and botnet traffic–and glue it together to form a complete picture to be used for DDoS threat protection purposes.
ASERT
Our world-class ATLAS Security and Engineering Research Team (ASERT) deeply researches malware campaigns and botnets at a global level, providing much-needed context to the overall threat environment. By studying the infrastructure, the command and control, we collect advanced global threat intelligence on more than 125 actor sets across 30 nations and monitor real-time communications from more than 40 botnets. Using automated malware analysis pipelines, sinkholes, scanners, honeypots, open-source intelligence data sets and ASERT analysis, we can provide a unique view in the threat landscape.
AIF
NETSCOUT Threat Intelligence enables customers to directly benefit from the depth and breadth of our data collection and analysis and offers this visibility through the ATLAS Intelligence Feed (AIF). This ASERT service directly supports the strong portfolio of NETSCOUT products designed for both enterprise and service provider networks, offering unmatched intelligence in DDoS threat protection and analysis. As new attack information is discovered, the AIF is updated, and changes are delivered automatically via a subscription over a secured SSL connection, arming customers with the latest advanced global threat intelligence necessary to thwart modern-day DDoS attacks or advanced threats.
"Pervasive visibility into network, application and routing traffic allows Neo Telecoms to make more informed decisions about security incidents, transit partners, network architecture, customers and new IP services. Arbor's technology is purpose built for sophisticated IP-based networks like Neo Telecoms."
CTO, Neo Telecoms
"The ATLAS Intelligence Feed delivers DDoS signatures in real time to keep the enterprise data center edge protected against hundreds of botnet-fueled DDoS attack toolsets and their variants."
Frost & Sullivan
Source: Why Anti-DDoS Products are Critical for Today’s Business Environment
"SP not only provides network-wide visibility and protection against attacks, it provides the analysis and reporting we need to communicate with executive management about the threats facing our network."
Yahoo! Chief Architect
"The partnership with Arbor enables us to meet our needs today and as we grow in the future. Not only is Arbor delivering a valuable network visibility and security solution, but their solution enables us to offer new types of value-added service offerings for customers."
CEO, Hunan Mobile
- White Paper
- Threat Report
- Video
- Data Sheet
- Other
- Use Case
HardenStance Briefing - Intelligence-Driven DDoS Defense
In this HardenStance Briefing you will find new insights into the world of DDoS attacks and Adaptive DDoS Defense offered by NETSCOUT
Learn more5 Things You Didn’t Know About DDoS Attacks That Can Cost You
To accurately determine your organization’s risk of a DDoS attack, you must be aware of the latest trends in DDoS attacks and best practices in defense. Read this white paper to learn more.
Download PDFNETSCOUT DDoS Threat Intelligence Report 1H 2022
The first half of 2022 saw innovation in attack methods and vectors utilizing scaled up botnets and a foundation in war, religion, and politics as the battleground for DDoS, changing the game for suppressing attacks of all sizes.
Learn moreNETSCOUT Threat Intelligence Report 2H 2021
The second half of 2021 brought about the establishment of high-powered botnet armies and a rebalancing of the scales between volumetric and direct-path attacks, creating new standard operating procedures, and adding new tactics and techniques.
Download PDFNETSCOUT Threat Intelligence Report 1H 2020
2020 Cybercrime: Exploiting a Pandemic. In this report we reveal how the seismic shift in how we work and live, caused by the COVID-19 pandemic, added rocket fuel to the growth and complexity of DDoS attacks.
Download PDFNETSCOUT Threat Intelligence Report 1H 2019
2019 has ushered in market-ready crimeware and freely accessible tools that can be quickly and easily deployed as vulnerabilities are discovered.
Download PDFNETSCOUT Threat Intelligence Report 2H 2019
The overall threat landscape only knows one direction: up. Cybercrime is a multi-billion dollar business, while nation-state groups proliferate globally and with increasing impact. Learn more in this Threat Report covering data from the 2H of 2019.
Download PDFNETSCOUT Threat Intelligence Report 1H 2018
The accelerating internet-scale threat paradigm changes the frontiers for where and how attacks can be launched, observed and interdicted.
Download PDFNETSCOUT Threat Intelligence Report 2H 2018
The 2018 NETSCOUT Threat Intelligence Report provides a snapshot of globally scoped internet threat intelligence from the second half of 2018, with analysis from our security research organization. This summary report captures key findings about the latest trends and activities from nation-state advanced persistent threat (APT) groups, crimeware operations, and Distributed Denial of Service (DDoS) attack campaigns.
Download PDFNETSCOUT DDoS Threat Intelligence Report 1H 2022
Geopolitical tension leads to increased DDoS attack activity. Carpet-bombing and DNS water-torture attacks are on the rise. Playing DDoS defense with suppression and threat intelligence. DDoS botnets are more potent than ever before. Learn more about these key findings and more in our latest DDoS Threat Intelligence Report.
Watch videoNETSCOUT Threat Intelligence Report 1H 2021
The unprecedented events of 2020 led to an enormous and extended upswing in innovation for threat actors. And it’s not going away anytime soon. Over 5.3 million attacks, 7 new attack vectors in 7 months, the stats are staggering.
Watch videoThe Changing DDoS Landscape
NETSCOUT's Hardik Modi Discusses Trends and Concerns from the latest Threat Intelligence Report.
Learn moreNETSCOUT Threat Intelligence Report 2H 2019
"We want you to remember one number: 8.4 million. That is the number of DDoS attacks NETSCOUT Threat Intelligence saw last year alone: 23,000 attacks per day, 16 every minute. Any way you slice it, that’s a huge number of attacks. The reality is, attackers are smart and efficient and never give up, accurately targeting attacks while using a minimum of resources. Read on for the latest in the latest NETSCOUT Threat Intelligence Report, with key findings from the 15th Worldwide Infrastructure Security Report (WISR)"
Watch videoThreat Intelligence for the Connected World
As Guardians of the Connected World, NETSCOUT has a unique and unequaled vantage of network visibility and Internet traffic. In this interview, AVP of Engineering Hardik Modi discusses why NETSCOUT releases Threat Intelligence reports to the security community, and also shares key findings from the latest report covering the second half of 2019 and survey results from the 15th Worldwide Infrastructure Security Report.
Watch videoBeyond Perimeter Security: Defending Against Internet-Scale Threats
Perimeter and endpoint security tools alone are not sufficient to protect against today’s evolving threat landscape, but NETSCOUT Security can help.
Watch videoHow Can NETSCOUT's Global Visibility Help You?
What if you could see the traffic flowing through the Internet? What if you could take that information, analyze it, and use that data to protect your network? NETSCOUT's Active Threat Level Analysis System, or ATLAS, does just that. This worldwide system provides deep insight into the Internet's threat landscape made up of botnets, malware, and DDoS attacks. Analyzing up to 38 terabits per second of real-time data, ATLAS provides actionable analyses to the ATLAS Security and Engineering Response Team (ASERT), who interpret the data and provide real-time attack mitigation.
Watch videoNETSCOUT Threat Intelligence Report--Findings from Second Half 2018: Dawn of the Terrorbit Era
When it comes to the global threat landscape, the second half of 2018 revealed the equivalent of attacks on steroids, as attackers bulked up existing tactics, rapidly evolved new ones, and applied smart business techniques to vastly accelerate their growth rate. Dig into the latest volume of NETSCOUT's bi-annual Threat Intelligence Report for research from our ATLAS Security Engineering and Research Team (ASERT), a world-class team of experts in the field.
Watch videoNETSCOUT Threat Intelligence Report—Powered by ATLAS: Findings from 1H 2019
The 2019 NETSCOUT Threat Intelligence Report provides a snapshot of globally scoped internet threat intelligence from the first half of 2019, with analysis from NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT). This summary report captures key findings about the latest trends and activities from nation-state advanced persistent threat (APT) groups, crimeware operations, and Distributed Denial of Service (DDoS) attack campaigns.
Watch videoNETSCOUT's 14th Annual Worldwide Infrastructure Security Report
NETSCOUT's 14th Annual Worldwide Infrastructure Security Report (WISR) delivers insights from a global survey of network, security, and IT decision makers across enterprise and service provider organizations. Its focus is on the operational challenges they face daily from network-based threats and the strategies adopted to address and mitigate them. This year, the survey is further enhanced by regional breakdowns of the enterprise respondents. Read the full survey: https://www.netscout.com/report/
Watch videoATLAS Intelligence Feed Service (AIF) for Sightline
The ATLAS Intelligence Feed empowers users with policies and countermeasures to address attacks as part of an advanced threat or DDoS attack. The information provided helps ensure that large networks and peering environments are able to detect and protect against the latest threats that enter or leave their networks. The AIF is a service of the ATLAS Security Engineering and Response Team (ASERT), and was designed for the largest networks to benefit from the depth and breadth of our research.
Download PDFATLAS Intelligence Feed (AIF) for Arbor Edge Defense
The ATLAS Intelligence Feed (AIF) empowers users with policies and countermeasures to address attacks as part of an advanced threat or DDoS attack. The information provided enables network and security operations teams to ensure the latest threat protections are available and defending their Enterprise environment. The AIF is a service of the ATLAS Security Engineering and Response Team (ASERT), and directly benefits Enterprise networks from the depth and breadth of our research.
Download PDFDigital Attack Map
Click here to view a live global map of DDoS attack activity through NETSCOUT Omnis Threat Horizon.
Learn moreService Provider Collaboration
As the global DDoS threat landscape grows and attacks become more frequent and complex, worldwide network operators, their peers and their customers have to adapt to meet the new requirements for identification and mitigation of these new attacks.
Read more