Network Detection and Response (NDR)

Network Detection and response (NDR) is a cybersecurity solution that continuously monitors an organizations network by collecting all network traffic for unprecedented visibility and using behavioral analytics, machine learning & artificial intelligence to detect cyber threats & anomalous behavior and respond to these threats via native capabilities or by integrating with other cybersecurity tools/solutions. Highly performant NDR solutions use advanced machine learning and artificial intelligence tools to model adversary tactics, techniques and procedures that are mapped in the MITRE ATT&CK framework to detect attacker behaviors with high precision. They surface security-relevant context, extract high-fidelity data, correlate events across time, users, and applications to drastically reduce time and effort spent in investigations. They also stream security detections and threat correlations to security information event management (SIEM) solutions for comprehensive security assessments. NDR solutions move beyond merely detecting threats, to, responding to threats in real-time by native controls or by supporting a wide-range of integrations with other cybersecurity tools.