惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Securelist
有赞技术团队
有赞技术团队
WordPress大学
WordPress大学
V
V2EX
Google DeepMind News
Google DeepMind News
B
Blog RSS Feed
The Register - Security
The Register - Security
Recorded Future
Recorded Future
Y
Y Combinator Blog
小众软件
小众软件
Jina AI
Jina AI
V2EX - 技术
V2EX - 技术
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
P
Proofpoint News Feed
Engineering at Meta
Engineering at Meta
宝玉的分享
宝玉的分享
The Hacker News
The Hacker News
C
Cybersecurity and Infrastructure Security Agency CISA
K
Kaspersky official blog
博客园 - 三生石上(FineUI控件)
T
Threatpost
博客园 - 聂微东
Scott Helme
Scott Helme
IT之家
IT之家
N
Netflix TechBlog - Medium
T
The Exploit Database - CXSecurity.com
S
Schneier on Security
MongoDB | Blog
MongoDB | Blog
T
Tor Project blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
A
About on SuperTechFans
酷 壳 – CoolShell
酷 壳 – CoolShell
C
CERT Recently Published Vulnerability Notes
P
Palo Alto Networks Blog
Spread Privacy
Spread Privacy
C
Check Point Blog
L
LINUX DO - 最新话题
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Last Week in AI
Last Week in AI
Attack and Defense Labs
Attack and Defense Labs
T
Tailwind CSS Blog
罗磊的独立博客
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Webroot Blog
Webroot Blog
Help Net Security
Help Net Security
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
爱范儿
爱范儿
PCI Perspectives
PCI Perspectives
Security Latest
Security Latest

NETSCOUT

How Machines Are Taking Over Network Traffic | NETSCOUT Why AI Moves Faster Than the Controls Built to Manage It | NETSCOUT NETSCOUT Named a SPARK Matrix™ Leader in Network Observability for the Third Consecutive Year | NETSCOUT Why CDNs Alone Are Not Sufficient for Modern DDoS Protection | NETSCOUT All That Glitters Isn’t Gold: Why AI Needs Better Data | NETSCOUT From Horseback to Real-Time Observability | NETSCOUT Why Digital Twins Are Now Mission-Critical for Scaling 5G with Confidence | NETSCOUT NETSCOUT Earns Six Leader Badges in the G2 Summer 2026 Grid Reports | NETSCOUT When Too Much Data Becomes Too Big an AI Problem | NETSCOUT Game-Changing AI in the RAN Plays by Its Own Rules | NETSCOUT 75,000 DDoS-for-Hire Actors Targeted by Law Enforcement | NETSCOUT What Is NETSCOUT Smart Data and Why Is It So Important? | NETSCOUT Understanding Network Traffic for Threat Hunting | NETSCOUT Black Box Versus Glass Box DDoS Protection Intellyx Names NETSCOUT to Prestigious 2026 Digital Innovator Award List How to Operationalize Threat Hunting with NETSCOUT, SIEM, XDR, EDR, and SOAR Solving Network Blind Spots Created by Massive Data Silos The Self-Healing Network: Why Your AI Strategy Needs a Neutral Lens Does It Feel Like a Stormy Season in Your Cloud? Four AI Trends Transforming Network Operations The 1 A.M. Cloud Migration Meltdown Communication Service Provider Supports Banking Application Success Across International Borders Defending Against DDoS Attacks at Scale AI-Driven Workflow Automation Is the New North Star for Communication Service Providers Key Takeaways from the EMA Network Management Megatrends 2026 The Digital Foundation of Public Trust Is More Than Skin Deep Unlocking the Full Value of 5G with Network Slicing NETSCOUT to Have a Strong Presence at Cisco Live Why Airlines and Airports Must Embrace Observability Ahead of the Summer Travel Surge Beyond “Best Effort”: Why Carrier Grade 5G Slicing Matters More Than Ever | NETSCOUT The Shrinking Lifespan of SSL/TLS Certificates | NETSCOUT From Packets to Insight: How Curated Network Data Powers AI | NETSCOUT Data Centers Are Feeling the Heat, and That’s OK | NETSCOUT If You Can’t See the Slice, You Can’t Sell the SLA | NETSCOUT Insights from the GigaOm Radar for Network Observability v6 Report | NETSCOUT How Shadow AI Creates Zombie Infrastructure NETSCOUT Earns Eight Leader Badges in the G2 Spring 2026 Grid Reports Your Modern Manufacturing Network Deserves a Modern Observability Strategy How Botnet-Driven DDoS Attacks Evolved in 2H 2025 The Hidden Cost of Poor Network Observability Insurance Systems Look Simple, but the Infrastructure Isn’t How AI is Transforming the RAN With the Right Data When Cloud SaaS DDoS Mitigation Offerings Aren’t Enough Frictionless Banking Experiences Start with Observability Colocation Growth Demands Scalable End-to-End Observability Bringing Shadow AI Into the Light AIOps Outcomes Depend on Data Quality, Not Algorithms Why AI, Zero Trust, and Modern Security Require Deep Visibility How Service Behavior Changes in Remote Locations The 10-Hour Problem: How Visibility Gaps Are Burning Out the SOC From Insight to Impact: Observability Fuels AI-Driven Innovation How Orphaned Applications Are Quietly Fueling Your Shadow IT Problem Why Today’s Security Tools Can’t See the Network Anymore How NETSCOUT Addresses Modern Network Observability Challenges Helping IT Organizations Prevent Disruptions Before They Impact Business How Hidden Blind Spots Quietly Became Cybersecurity’s Biggest Vulnerability The Blame Game! Is it the Network or Gaps in Observability? Six Winter 2026 G2 Leader Badges Prove This DDoS Protection Stands Out The Value of Combining Modern Observability Solutions for Actionable Insights AI Failure Is the Norm Because Most Initiatives Are Flying Blind NETSCOUT Distinguished by Frost & Sullivan with the 2025 Company of the Year Recognition 5 Emerging AI Data Trends Enterprise IT Teams Cannot Ignore What is Network Slicing NETSCOUT’s Omnis Cyber Intelligence Earns Security Today’s 2025 CyberSecured Award Turning a Flood of 5G Data into Rocket Fuel for AIOps NETSCOUT Recognized by Comparably as a Top Workplace for Q4 2025 How to deliver consistent ultra-low latency, high-throughput, and total reliability across complex networks Smart Data: The Super Fuel Driving Next-Gen Observability NETSCOUT Recognized for Leadership in Network Detection and Response Integrating Deep Packet Inspection in 5G Networks Removing Barriers to Digital Transformation Gain Real-time Visibility to Future Proof Your Network for Autonomous Operations Why Is Cloud Performance Still Foggy? Smarter DDoS Security at Scale How DPI Is Transforming Observability and Operational Resilience 10 Key Challenges to Optimizing Radio Access Networks in the 5G Era Why Arbor Edge Defense and CDN-Based DDoS Protection Are Better Together NETSCOUT’s Holiday Playlist for IT Teams and Leaders More Data Does Not Always Equate to Better Business Visibility Seeing Clearly with Deep Packet Inspection at Scale How to Ensure High Availability for FWA Services System Integrators and the Future of Enterprise IT The Transformative Power of ‘Thinking’ AI and the Implications for Business How Fast Can Your Organization Identify and Resolve IT Outages? Observability for the “Always On” Power Industry
Resilience Is the Foundation of Modern Security Strategy | NETSCOUT
Brad.Christian · 2026-07-16 · via NETSCOUT

For years, cybersecurity strategy was built around a familiar objective: Stop the attack before it succeeds. Build stronger defenses. Patch faster. Block more traffic. Prevent compromise.

That goal still matters. Prevention remains essential. But in the modern threat landscape, prevention alone can no longer be the organizing principle for security strategy. The more important question is becoming this: Can the business keep operating when attacks inevitably get through?

That shift is increasingly visible among security practitioners. The emerging consensus is not that organizations should abandon prevention, but that they must stop treating it as the final measure of success. Not every attack can be blocked. Not every compromise can be prevented. Security programs must therefore prioritize rapid detection, containment, recovery, and continuity alongside protection.

This is why resilience is becoming the new center of gravity for cybersecurity.

Prevention-First Models Are Breaking Down

Prevention-first security models were built for a world in which attacks were slower, indicators were more stable, and defenders had enough time to identify and stop threats before they caused material damage. That world is disappearing.

Attackers are already using AI to automate reconnaissance, generate phishing campaigns, discover vulnerabilities, create malware variants, and scale social engineering. These capabilities challenge human-in-the-loop response models because the attacker can operate at machine speed while many defensive processes still move at human speed. External research reinforces the same pattern: Cybercriminals are using AI to accelerate phishing campaigns, vulnerability research, malware creation, automated cyberattacks, and financial crimes, while also distributing dark AI tools that lower the skill barrier for malicious activity.

The distributed denial-of-service (DDoS) landscape illustrates the scale of the problem. The latest NETSCOUT DDoS Threat Intelligence Report revealed more than 8 million DDoS attacks across 203 countries and territories in the second half of 2025, while attack capacity reached demonstrated levels of up to 30Tbps and 4Gpps. The report notes that conversational AI interfaces are now helping even nontechnical adversaries orchestrate complex attacks, collapsing the traditional barrier between intent and capability.

This is the attacker advantage in its clearest form. Defenders must protect every service, dependency, identity, application, API, network edge, and third-party connection. Attackers need only find one path that works. AI and automation make that path easier to discover, easier to exploit, and easier to adapt when defenses respond.

The Threat Landscape Is Built for Speed, Scale, and Adaptation

Modern attacks are not isolated events. They are increasingly part of interconnected abuse ecosystems. AI-generated phishing and social engineering make scams more convincing and scalable. AI-assisted malware development makes variants more evasive. Botnets built from compromised Internet of Things (IoT) and customer-premises equipment can generate high-volume traffic. DDoS-for-hire services continue to democratize sophisticated attacks. Fraud, phishing, account takeover, infrastructure abuse, and availability attacks are increasingly viewed as related business risks rather than separate security silos.

In other words, the business impact of cyber risk is no longer limited to breach response. It includes availability, customer trust, transaction integrity, digital experience, and operational continuity.

That is why resilience is a board-level issue, not just a security operations issue.

Resilience Does Not Replace Prevention. It Reframes It.

The argument for resilience is not an argument against prevention. It is an argument against prevention-only thinking.

Operational resilience is the ability of a service to withstand disruption: to resist, recover, and rebuild when failure or attack occurs. It is where service assurance and security intersect, because the customer does not experience security as a control framework; the customer experiences security as confidence that a digital service is available, trustworthy, and working as expected.

That distinction matters. A prevention-first model asks, “Did we block the attack?” A resilience-first model asks a more complete set of questions:

  • Do we have the visibility to know what is happening across our infrastructure?
  • Can we detect abnormal behavior before it becomes disruption?
  • Can we respond automatically when attacks move faster than analysts can?
  • Can we contain impact before it cascades across services?
  • Can we maintain availability and customer experience under pressure?
  • Can we recover quickly and learn from the event?

This is the operational reality chief information security officers (CISOs) are moving toward. The CISO role has shifted from a focus mostly on operational security and protection toward operational resilience as perceived by customers using digital services. Protect and react are not enough; proactive intelligence, continuous compliance, and resilience are now key.

Behavior Reveals What Signatures Miss

A resilience-first strategy requires a different kind of defensive architecture. Static controls still have value, but they are not enough against adversaries that can change infrastructure, payloads, timing, tactics, and traffic patterns on demand.

Security practitioners are increasingly emphasizing the limitations of signature-based defenses, static indicators, simple reputation systems, and single-point detection approaches. The stronger path is behavioral and infrastructure intelligence: understanding what normal looks like, detecting deviations, and acting quickly when behavior changes.

This is especially important for DDoS and infrastructure-scale threats. AI-coordinated campaigns can generate traffic variants, discover rate limits, mimic legitimate user patterns, and pivot between vectors and targets at machine speed, which pushes defenders toward behavioral baselining, anomaly detection, statistical outlier analysis, and automated response.

For modern security strategy, this is where the message becomes clear: Machine-speed threats require machine-speed defense. That means trusted telemetry, infrastructure visibility, behavioral analytics, intelligence-driven protection, and automated mitigation operating together.

What Resilience Looks Like in Practice

Resilience becomes real when it is operationalized across the environment.

First, organizations need comprehensive visibility across all network edges. That includes visibility across peering, aggregation, data-center, and mobile packet-core environments so defenders can detect inbound and outbound attack traffic.

Second, they need behavioral detection. Machine-learning-based anomaly detection can profile normal traffic baselines and flag deviations in volume, composition, and timing instead of relying only on static signatures.

Third, they need automated response. Purely manual, ticket-driven playbooks are too slow for machine-speed attacks; preapproved automated actions for classification, diversion, and mitigation allow organizations to respond quickly while reserving human oversight for policy and business decisions.

Fourth, they need containment and recovery. Resilience depends on the ability to isolate malicious flows, protect critical services, preserve forensic context, and restore trusted operations. Operational integrity requires continuous and automated monitoring because the level of detail required is beyond human observation alone.

Finally, they need collective intelligence. No single organization can see the entire threat landscape. Threat intelligence sharing, live global threat feeds, and behavioral patterns tied to emerging AI-assisted tactics help turn local defense into collective defense.

This is the role of intelligence-driven protection and service assurance: to connect security telemetry, infrastructure context, and operational outcomes into a single resilience strategy.

Resilience Is the Foundation of Modern Security Strategy

The future of cybersecurity will not be defined by perfect prevention. It will be defined by the ability to keep critical services available, trusted, and recoverable under sustained attack.

That is already reflected in public-sector strategy. CISA’s cybersecurity strategy describes a future in which organizations are “secure and resilient,” and emphasizes collaboration, innovation, accountability, and security at scale. CISA also notes that the critical infrastructure threat environment has changed because of advances in technologies such as AI, malicious cyberactivity, and the need for stronger resilience requirements across sectors.

For business and security leaders, the implication is straightforward: Prevention is still necessary, but resilience is now strategic.

Organizations that continue to measure security primarily by blocked attacks will miss the larger issue. The real test is whether they can see what is happening, understand what is changing, respond at machine speed, contain impact, preserve service continuity, and recover with confidence.

Learn more about NETSCOUT service availability solutions.