Arbor Sightline, Arbor Edge Defense and Cortex XSOAR
Arbor Sightline and Arbor Edge Defense (AED) augment a layered security strategy with visibility and industry-proven workflows, enabling intelligently automated mitigations of DDoS attacks. NETSCOUT offers a comprehensive portfolio of fully integrated, in cloud and on-premises DDoS protection products and services; all backed by continuous global threat intelligence. Through proactive detection of network or service availability threats, Sightline can automatically mitigate DDoS attacks while AED delivers smart perimeter protection to detect and stop all types of cyber threats including DDoS attacks and IoCs - both entering or leaving networks. Sightline is a vital component of a hybrid DDoS management solution for service providers and enterprises with integrations to Arbor Threat Mitigation System (TMS), ATLAS Intelligence Feed, Arbor Cloud, and AED. Customers use AED to gain rapid, clear insights into security across the entire IT environment from the network, application, cloud, and user community perspective, allowing enterprises to get ahead of attackers and prevent any compromise./p>
As the market-leading extended security orchestration, automation, and response (SOAR) platform, Cortex XSOAR is designed to simplify and automate complex security workflows across the security stack. It is the only platform that offers more than 600 comprehensive playbooks, an incident War Room, active case management, an integrated team chat function with DBot virtual assistant, native threat intelligence management, and a built-in marketplace. SOC teams can reduce manual cycles, manage alerts across any source, standardize processes with playbooks, enrich incidents with threat intelligence, and automate response for any security use case thanks to our Palo Alto Cortex XSOAR integrations.
NETSCOUT Integrates Smart DDoS Protection With Cortex XSOAR
Arbor Sightline + Cortex XSOAR integration takes security assurance to a new level by combining the world’s best DDoS protection with the most comprehensive SOAR platform by connecting technology, process, and people.
Key Benefits
Solve threats as they emerge using an integrated solution combining smart DDoS protection with the leading SOAR platform
Reduce corporate risk and increase service availability with precise DDoS attack mitigation and security stack automation
Get quick time to value with the easy-to-deploy Arbor Sightline and AED content packs through the Cortex XSOAR Marketplace
NETSCOUT is a Palo Alto Networks Nextwave Technology Partner. Arbor Sightline and AED are fully certified integrations within the Cortex XSOAR ecosystem. Visit Cortex XSOAR to learn more.
User Experience
Once informed by Arbor Sightline and AED, Cortex XSOAR can perform actions for changes to enforcement and provide security teams the flexible responses they need. Cortex XSOAR enables operations teams to streamline security processes by ingesting Arbor Sightline DDoS incident reports and using automation in the form of playbooks to trigger security enforcement through any device within the environment.
When AED detects attacks at the network edge it can provide to Cortex XSOAR the hosts, countries, domains, and URLs from the attack to be blocked. Cortex XSOAR’s out-of-the-box (OOTB) integration with Arbor Sightline and AED can be found in the Cortex XSOAR Marketplace, which is a built-in extension of Cortex XSOAR. The Marketplace enables easy deployment of the Arbor Sightline and AED integrations to optimize security posture.
Featured Resources
Arbor Visibility Solutions
Arbor Sightline has been evolving with operators over the last decade and continues to be the de facto platform for understanding how traffic is flowing through your network.
NETSCOUT Threat Intelligence
As DDoS has moved from just a diversion to be a feature of malware and botnets used in cybercrime and APT attacks, NETSCOUT has expanded its intelligence threat research team and research capabilities to tackle additional threat types.
Protecting Your Stateful Devices
The best practice for DDoS protection is a hybrid approach, which includes a cloud-based and on-premises, in-line, stateless DDoS protection solution like AED to protect your stateful devices from further attacks.