NETSCOUT SYSTEMS, INC., (NASDAQ: NTCT), a leading provider of service assurance, security, and business analytics, today introduced NETSCOUT Arbor Edge Defence (AED), a new security solution that redefines the perimeter cybersecurity stack and serves as the first and last line of defence against multiple types of inbound and outbound threats.
“Data centre and network architectures are becoming increasingly distributed, straining traditional perimeter enforcement points. At the same time, targeted campaigns are now backed by internet-scale intrusions like NotPetya. The unique combination of stateless filtering, rigorous curation of threat intelligence, and ingestion of third party feeds, allows NETSCOUT to block outbound threats with the same level of confidence as the inbound DDoS attacks they’ve been blocking for years,” said Jeff Wilson, IHS Markit research director for cybersecurity.
Bringing Stateless Security to the Edge NETSCOUT AED is an always-on, in-line solution which can be deployed as a physical appliance or virtual network function. It sits outside the firewall, between the enterprise or data centre and the internet. A unique stateless packet processing engine provides efficient blocking of malicious traffic matching Indicators of Compromise (IoCs) without tracking any session state. As a result, NETSCOUT AED can make other perimeter defences more effective by protecting them from DDoS attacks, and offloading the overhead associated with applying millions of IoCs to traffic streams.
NETSCOUT AED leverages the Company’s proven market-leading DDoS technology that is already trusted by thousands of enterprises worldwide. As a result, it provides advanced packet-based protections against complex application-specific DDoS attacks and state-exhaustion techniques; as well as defenses against internet scale threats, neutralising the malware families that make up the global botnet threat. Armed with millions of reputation-based IoCs, NETSCOUT’s stateless packet processing engine can also detect and block outbound communication from internal compromised hosts that have been missed by other devices in the security stack; helping to stop further proliferation of malware and other tactics used within crimeware and advanced threat campaigns.
Operationalising Threat Intelligence NETSCOUT has the unprecedented ability to enable security and network teams to connect and correlate unique intelligence on emerging internet threats and trends, with visibility into what is happening across their entire internal organisation from a threat perspective. NETSCOUT’s Active Threat Level Analysis System (ATLAS®), collects, prioritises, and disseminates data on emerging threats based on our unique visibility into over one-third of all internet traffic. The ATLAS Security Engineering & Response Team (ASERT) is continuously and automatically delivering high fidelity threat intelligence via the ATLAS Intelligence Feed, enabling customers to not only block threats in real-time but enhance their defences over time.
NETSCOUT believes that effective threat intelligence not only identifies attacks but also provides context to understand and catalogue attack infrastructure, methods, related indicators to enable faster security decisions can be taken with greater confidence. NETSCOUT AED supports standards such as STIX/TAXII for ingestion of third-party threat intelligence and provides a robust REST API to integrate threat detection and blocking telemetry, and contextual threat intelligence into existing SOC workflows and management tools.
“NETSCOUT AED provides a scalable, high-efficiency means of detecting and blocking traffic matching threat intelligence. Using both our own ATLAS Intelligence Feed (AIF) and third-party IoCs ingested via STIX/TAXII, we can detect and block many of today’s threats while feeding information into other elements of the security stack via a robust set of APIs,” said Darren Anstee, NETSCOUT’s chief technology officer for security.
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.