NETSCOUT SYSTEMS announced the successful interoperability of Omnis™ Cyber Intelligence (OCI) with Amazon Security Lake, powered by Amazon Web Services (AWS), to deliver advanced network detection and response (NDR) insights. With comprehensive network visibility, contextual cybersecurity investigation, and smart detection, OCI enhances the quality of Amazon Security Lake, so that companies can manage threats across complex hybrid-cloud infrastructures.
NETSCOUT participated in the Amazon Security Lake beta program, in which OCI enriched the security data in the Amazon Security Lake, helping to optimize the smart outcomes of artificial intelligence/machine learning (AI/ML) algorithms and other subscriber applications. Leveraging Omnis CyberStream’s scalable deep packet inspection (DPI) and patented Adaptive Service Intelligence (ASI) technology, OCI delivers better insights and predictions to enhance an enterprise’s security posture.
Amazon Security Lake is built in the customer’s account. The data lake is backed by an Amazon Simple Storage Service (Amazon S3) bucket and organizes data as a set of AWS Lake Formation tables. Amazon Security Lake, enriched with OCI findings, becomes a source of valuable cybersecurity insights to understand what is occurring across an enterprise’s entire hybrid cloud information technology (IT) environment, including cyberthreats and attack surface changes.
Paul Barrett, CTO for enterprise, NETSCOUT, said, “Hybrid cloud infrastructure has become increasingly complex with multiple edges making it prone to increased cyberattacks. Exporting OCI findings, derived from deep packet inspection, into Amazon Security Lake gives customers added security and performance across multiple accounts, clouds, or on-premises networks. In addition, by converting network packet data into Smart Data, we can deliver comprehensive and consistent visibility across the entire digital infrastructure.”
OCI also integrates with AWS Security Hub and supports a variety of AWS native packet acquisition technologies, including Amazon Virtual Private Cloud (VPC) traffic mirroring, VPC ingress routing, Gateway Load Balancer (GWLB), and GWLB endpoint as target.