Skip to main content

Threat Hunting with Multiple Threat Detections in Omnis Cyber Intelligence

To aid in #ThreatHunting, Omnis Cyber Intelligence (OCI) uses multi-dimensional #ThreatAnalytics at the source of capture and targeted ML techniques that are deterministic, and minimize false positives. These multi-dimensional #ThreatDetection methods include IOCs, compliance, policy violations, Suricata-based signatures, unexpected traffic, and behavior analysis to ensure comprehensive #NetworkSecurity coverage. In this demo, NETSCOUT covers how the OCI #cybersecurity platform uses multiple threat detection mechanisms, including Threat Intelligence, Behavioral Analysis, Attack Surface Events, Compliance, IDS Events, and Policy Violations, to identify malicious traffic on the network. When threat hunting and investigating cyber threats with OCI, users can dive into each security event on a given area of their network to identify what has occurred and where it fits in the #MITREAttack framework to aid in response. This information helps expedite resolution and reduce downtime. OCI’s Host Investigation report shows a graphical view of everywhere the system is connected to. This helps identify potential malicious connections based on threat intelligence and other triggers. The report also includes all geolocations of connected systems to identify where the malicious intrusion is located. Learn more about OCI at