Network Detection and Response
Network detection and response (NDR) is a cybersecurity approach built to continuously monitor your network for malicious activity. NDR is undergoing rapid deployment because it detects threats and anomalies many traditional security tools cannot see. This is why Gartner created the NDR category in 2020.
How does network detection and response work?
NDR solutions analyze the behavior of network traffic. The most advanced NDR platforms combine machine learning with Encrypted Traffic Analysis (ETA). With this approach, all traffic is analyzed for its behavior, regardless of whether the network traffic is encrypted. Attackers and their actions are rapidly revealed so network defenders can respond.
Key cybersecurity benefits of advanced NDR, which employs encrypted traffic analysis:
- Eliminates encryption blindness
- Easily deploys and monitors edge, core, and cloud; vendor agnostic
- SOC enabled and uses risk scores and Mitre ATT&CK labeling
- Validates end-to-end security compliance
Resources related to network detection and response
Here are additional resources to help you evaluate the potential of NDR to increase your organization’s security posture.