BURLINGTON, Mass., May 18, 2016 – Arbor Networks Inc., the security division of NETSCOUT (NASDAQ: NTCT), today introduced version 2.1 of Arbor Networks Spectrum™, its advanced security analytics and threat hunting platform. Arbor Spectrum empowers security teams to uncover, investigate and prove sophisticated attack campaigns within minutes, not hours or days.
Today’s most dangerous network security threat is human orchestrated attack campaigns — a series of hidden events engineered to locate and extract valuable data. Traditional defenses like intrusion prevention systems (IPS), firewalls and security information and event management (SIEM) only generate singular security events, missing the overall campaign picture. Recent approaches like sandboxes are being bypassed, and organizations struggle to scale and operationalize newer endpoint offerings. Arbor Spectrum is a network-based advanced threat protection solution that delivers complete visibility with packets and flows to record the multiple stages of attack campaigns, while preserving the context needed to take swift and decisive action.
The Case for Network Traffic Security Analytics
“CISOs must realize that they need new types of tools to greatly improve incident detection and response. There are many ways to combat this difficult problem, but ESG believes that network traffic security analytics offers the best solution. The fact is that the majority of malicious actions – command and control, exploits, lateral movement, malware installation and more – utilize networks for execution. With the right network data collection, processing and analytics, security analysts can gain the insights necessary to accelerate detection and response. Thus, when it comes to security analytics, the network can be the ultimate source of truth,” said Enterprise Strategy Group (ESG) Senior Principal Analyst Jon Oltsik in a new research paper titled The Case for Network Traffic Security Analytics.
Read the full ESG report here.
Centralize Campaign Clues Within a Visual Investigation Timeline
Arbor Spectrum v2.1 includes intuitive workflows that aggregate confirmed indicators of compromise (IOCs) into formal investigations on a visual timeline, enabling novice and experienced incident responders to collaborate and maintain continuity during security operations center (SOC) shift changes. By connecting data such as host profiles and network connections with workflows to validate and escalate investigations, security teams are empowered to make decisions faster and with higher confidence than with traditional solutions.
Detect and Visualize Confirmed Threats in Real-Time
Arbor Spectrum combines Arbor’s visibility into one-third of global internet traffic and unique threat intelligence from Arbor’s Active Threat Level Analysis System (ATLAS) to detect and visualize the most damaging threats facing enterprise organizations. Through this global lens that correlates external intelligence and internal traffic, analysts are empowered to keep up with the attacker regardless of what and whom they are targeting.
Search and Surface Indicators of Compromise from Past or Present
Arbor Spectrum offers scalable forensics for all connections, including packets and flows. It also delivers complete visibility into all past and present network activity at a significantly lower cost and complexity than traditional network forensics solutions.
Prove and Resolve Threats Faster for Dramatic Efficiency Gains
This approach helps empower and scale teams of any size with a high performance investigation platform to visualize, investigate and confirm threats 10X faster than other security solutions.
About Arbor Networks
Arbor Networks, the security division of NETSCOUT, helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor Networks Spectrum™ advanced threat solution delivers complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of attack campaigns, malware and malicious insiders. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context so customers can solve problems faster and reduce the risks to their business.
To learn more about Arbor products and services, please visit our website at arbornetworks.com or follow on Twitter @ArborNetworks. Arbor’s research, analysis and insight, together with data from the ATLAS global threat intelligence system, can be found at the ATLAS Threat Portal.