Arbor Networks Inc., the security division of NETSCOUT, has introduced version 2.1 of Arbor Networks Spectrum, its advanced security analytics and threat-hunting platform, to the African region.

Arbor Spectrum empowers security teams to uncover, investigate and prove sophisticated attack campaigns within minutes, not hours or days.

Bryan Hamman, territory manager for sub-Saharan Africa at Arbor Networks, says, "The problem of inadequate protection from advanced threats is a growing concern for African organisations, especially as more and more local companies digitise their operations and rely wholly on 100 percent uptime across all their systems."

He highlights that today's most dangerous network security threat is human orchestrated attack campaigns - a series of hidden events engineered to locate and extract valuable data. Traditional defences like intrusion prevention systems (IPS), firewalls and security information and event management (SIEM) only generate singular security events, missing the overall campaign picture. Recent approaches like sandboxes are being bypassed, and organisations struggle to scale and operationalise newer endpoint offerings.

Arbor Spectrum is a network-based advanced threat protection solution that delivers complete visibility with packets and flows to record the multiple stages of attack campaigns, while preserving the context needed to take swift and decisive action.

"CISOs must realise that they need new types of tools to greatly improve incident detection and response. There are many ways to combat this difficult problem, but ESG believes that network traffic security analytics offers the best solution. The fact is that the majority of malicious actions – command and control, exploits, lateral movement, malware installation and more – utilise networks for execution. With the right network data collection, processing and analytics, security analysts can gain the insights necessary to accelerate detection and response. Thus, when it comes to security analytics, the network can be the ultimate source of truth," according to Enterprise Strategy Group (ESG) Brief, The Case for Network Traffic Security Analytics, April 2016 by principal analyst, Jon Oltsik, Sr.

Arbor Spectrum v2.1 includes intuitive workflows that aggregate confirmed indicators of compromise (IOCs) into formal investigations on a visual timeline, enabling novice and experienced incident responders alike to collaborate and maintain continuity during security operations centre (SOC) shift changes. By connecting data, such as host profiles and network connections, with workflows to validate and escalate investigations, security teams are empowered to make decisions faster and with higher confidence than with traditional solutions.

Arbor Spectrum combines Arbor's visibility into one-third of global Internet traffic and unique threat intelligence from Arbor's Active Threat Level Analysis System (Atlas) to detect and visualise the most damaging threats facing enterprise organisations. Through this global lens that correlates external intelligence and internal traffic, analysts are empowered to keep up with the attacker regardless of what and whom they are targeting.

Arbor Spectrum offers scalable forensics for all connections, including packets and flows. It also delivers complete visibility into all past and present network activity at a significantly lower cost and complexity than traditional network forensics solutions.

This approach helps empower and scale teams of any size with a high performance investigation platform to visualise, investigate and confirm threats 10X faster than other security solutions.