Omnis Cyber Intelligence Increases Network Visibility and Improves Threat Hunting Maturity Model

NETSCOUT Case Studies

Issue link: https://read.uberflip.com/i/1464702

SECURITY | CASE STUDY

Company Background

This government agency has thousands of employees and supports millions of customers each year in multiple functions.

Challenge

This client was in the process of building out their SOC and wanted to leverage any existing technologies they had for security purposes. Last year, this organization purchased a small order of OCI Cyber Adaptors for visibility into their 2 main datacenters, which were on opposite sides of the country. The SOC team's primary use of Omnis Cyber Intelligence was packet capture and retrieval related to an incident identified in Splunk, their security information and event management (SIEM) platform. During initial product training for their first purchase, they learned more about their current infrastructure and the visibility gaps that existed, so they purchased more cyber adaptors to fill those gaps. With this ability to get a more comprehensive view of their attack surface, they were also able to look back in time, specifically to show the Log4j vulnerability.

OVERVIEW

The Challenge
• Company had visibility gaps in the network and cloud
• Security Operations Center (SOC) Maturity Model for Threat Hunting was underdeveloped
• Not using previous Omnis® Cyber Intelligence (OCI) purchase and packet metadata to its full potential

The Solution
• Knowledge transfer to improve SOC analysts' threat hunting capabilities and get more value out of the original purchase
• Adding additional Cyber Adaptors to gain more comprehensive visibility of their attack surface
• OCI bootcamps for ongoing SOC analyst development

The Results
• Better visibility into their network and understanding of existing infrastructure
• Discovered Log4j vulnerability during onboarding and applied immediate remediation
• NETSCOUT® is a trusted advisor and continuously provides key insights into their visibility and threat hunting challenges
• OCI was able to make their existing security technology stack stronger with easy integration and higher quality data
