
Omnis Cyber Intelligence Increases Network Visibility and Improves Threat Hunting Maturity Model

NETSCOUT
Cybersecurity & Privacy - Network Security
Cybersecurity & Privacy - Intrusion Detection
National Security & Defense
Cybersecurity
Intrusion Detection Systems
Training
System Integration
The government agency was in the process of building out its Security Operations Center (SOC) and wanted to leverage any existing technologies it had for security purposes. It had previously purchased a small order of OCI Cyber Adaptors for visibility into its 2 main datacenters, which were on opposite sides of the country. The SOC team's primary use of Omnis Cyber Intelligence (OCI) was packet capture and retrieval related to an incident identified in Splunk, their security information and event management (SIEM) platform. During initial product training for their first purchase, they learned more about their current infrastructure and the visibility gaps that existed, so they purchased more Cyber Adaptors to fill those gaps.
The customer is a government agency with thousands of employees. The agency supports millions of customers each year in multiple functions. The agency was in the process of building out its Security Operations Center (SOC) and wanted to leverage any existing technologies it had for security purposes. It had previously purchased a small order of OCI Cyber Adaptors for visibility into its 2 main datacenters, which were on opposite sides of the country. The SOC team's primary use of Omnis Cyber Intelligence (OCI) was packet capture and retrieval related to an incident identified in Splunk, their security information and event management (SIEM) platform.
The solution involved a knowledge transfer to improve the SOC analysts' threat hunting capabilities and get more value out of the original purchase. Additional training was provided for over 25 of their SOC analysts: the NETSCOUT team walked them through an interactive demonstration, using their existing OCI solution, of how to investigate and hunt for cyber threats through the user interface. During a live demonstration with the SOC analysts, they identified the Log4j vulnerability. Through training on their existing solution, the organization realized that they had more gaps in visibility and that adding more adaptors would increase their capabilities and reduce risks. The tier 2 analyst was able to use the back-in-time feature and discovered additional Log4j vulnerabilities that needed immediate remediation. Their current workflow starts with Splunk; OCI's integration allows them to use OCI without drastic changes to their normal workflow.
Better visibility into their network and understanding of existing infrastructure
Discovered Log4j vulnerability during onboarding and applied immediate remediation
NETSCOUT is a trusted advisor and continuously provides key insights into their visibility and threat hunting challenges