Network detection and response (NDR) products detect abnormal system behaviors by applying behavioral analytics to network traffic data. They continuously analyze raw network packets or traffic metadata within internal networks (east-west) and between internal and external networks (north-south). NDR products include automated responses, such as host containment (through integration) or traffic blocking, directly or through integration with other cybersecurity tools. NDR can be delivered as a combination of hardware and software appliances for sensors, some with IaaS support. Management and orchestration consoles can be software or SaaS.
"Enhancing Network Security Through Artificial Intelligence"
I started considering the adoption of Darktrace in 2019 and carefully evaluated it through two Proof of Value (POV) assessments before implementing it in 2023. The sheer volume of network packet logs made it impossible for humans to manually review them, yet these logs contained critical information that couldn't be ignored. Through experience, I knew that traditional rule-based methods would fail to address this issue effectively. The solution must be AI. However, in 2019, despite the heavy focus on AI, it was crucial to discern genuine AI technology from mere marketing hype. During our POV assessments, we discovered numerous violations that traditional rule-based approaches couldn't detect. By 2023, after two thorough POV evaluations, we confirmed that Darktrace's technology was worth the investment. Over approximately a year of use, we have identified numerous violations, and our network security detection processes have become centered around Darktrace.
"Tool that is easy to deploy, to make deeper analysis and/or to be alerted to any attacks."
Installing and configuring the production NDR Vectra was a smooth and efficient process. Right from the start, the support team demonstrated their expertise and professionalism, ensuring that every step was executed flawlessly. The clarity of the installation instructions and the user-friendly interface made it easy to follow along and set up the system.
"Exploring the Features and Flexibility of the ExtraHop RevealX Network Tool"
ExtraHop RevealX is a feature-rich, cost-effective Network Detection and Response product that helps provide great insight into live network usage. The support team is helpful without being pushy and there is a community of experienced professionals eager to share stories and solve problems.
"Very capable for network flow analysis and quite convenient for log collection"
The implementation was easy and every upgrade was simple to do and customer support is very fast to help us when necessary. The other most helpful part of this tool is the integration it supports with most of the tools we use that makes it easy to integrate log sources using existing readily available modules.
"Reimagining Cloud Security and Threat Detection with Advanced Tool TDP"
TDP has accurate alert capabilities. It is able to precisely detect intranet breaches, and conduct timely identification and response, thereby enhancing the security of our cloud environment.
"Recommendation of Hillstone BDS"
We have implemented the Hillstone Breach Detection system in our network, and the experience has been overwhelmingly positive. The system's AI-powered threat detection capabilities are impressive. Its user-friendly interface allows for easy navigation and quick incident response. Overall, the Hillstone Breach Detection system has greatly enhanced our cybersecurity posture, providing peace of mind and robust protection against potential breaches.
"Simple and solid in managing attacks across endpoints and efficient at file roll back"
It provides a fantastic dashboard that gives a great overview of all the suspicious activity across our endpoints and virtual machines. This tool is much more robust and the real-time reporting on the network activity has been very insightful.
"Easy to rollout and powerful platform with the strongest threat detection capabilities"
The platform employs fantastic behavioral analysis and machine learning algorithms to identify and stop advanced threats in real-time. The incident analysis is very detailed and allows us to graphically explore the chain of events that preceded and followed an incident.
"Stellar Cyber's Inclusive NDR Capability: A Game-Changer for SOC Teams"
When Stellar Cyber comes to its NDR capability, it is fully built into their XDR platform, and that is one of the aspects that has helped our SOC team. Visibility into the network in addition to endpoints, applications and other security tools helps our SOC team tremendously. The visibility that we receive is unmatched. Overall, our experience has been excellent.
"Very powerful tool for accurate threat detection with outstanding rollback feature"
The installation was very straightforward and it provides several competitive advantages, such as behavior-based detection and very effective response capacity. It has a brilliant user-friendly interface that makes this modern and powerful threat detection and response tool easy to use.
"Enhancing Cybersecurity: A Look at Virus Intrusion and Attack Analysis"
Easy installation. 1. You may need to understand the issues of mirroring ports and different VLANs. 2. The interface is easy to use. 3. Supports the analysis of virus intrusion and attack well.
"Gatewatcher NDR: A Reliable & Highly Scalable Network Security Solution"
The integration went smoothly and our IT team found the tool user-friendly, with an intuitive interface and minimal learning curve. Comprehensive training sessions further facilitated quick mastery of Gatewatcher NDR. Since implementation, we've seen significant improvements in our network security, with enhanced real-time monitoring and reduced false positives. Gatewatcher Ionic has exceeded our expectations, proving to be a reliable and easy-to-integrate solution.
"Comprehensive security platform allowing far superior visibility into our network"
The implementation was straightforward and it allowed us to integrate into our SIEM to get additional alerts and also with additional services for free. It has proven to be very effective against all network threats and the professional support team ensures we feel in safe hands and are getting the best out of the investment.
"Quick to implement, efficient and comprehensive threat and vulnerability management tool"
It offers robust threat detection capabilities and we integrated this tool with many other solutions in our environment and they all work harmoniously and seamlessly, offering improved visibility into the organization's security posture and great understanding of potential vulnerabilities and threats.
"Simple to implement and very powerful tool with excellent threat detection rate"
It offers powerful and very effective scans and signature detections that protect us against the most recent threats and the web filtering capabilities are great at allowing us to block access to malicious or unwanted websites.
"Efficient tool for threat detection, persistent blocking and central policy management"
The endpoint works well on both new and old systems and customer support is responsive and quick to act, which comes in handy in our organization. Policy configuration was very easy to understand and roll out and the isolation feature allows us to cut off the network connectivity to allow better debugging in case of an attack.
"Plixer - A highly scalable and reliable product"
We have been using Plixer for over 6 years and never had any issues with the product or support. I have been pleasantly surprised with the support we have been offered for security updates in a timely fashion as well.
"Our road to the best fitting NDR: Exeon"
From our Proof of Value until the final Go-Live, we were directly in contact with Exeon. This enabled the whole project to be fast and efficient. The overall experience with all Exeon employees was and still is pleasant. The product delivers detailed in-depth insights into our network and highlighted "holes to close", which we weren't aware of.
"Exceptional Network Security with Easy Setup and Robust Performance"
We had an excellent overall experience with Cryptomage Cyber Eye. Representing x and IT provider for the great Orchestra of Christmas Charity, we have relied on Cyber Eye to secure (among other solutions) the Grand Finale for the past two years. The probe consistently delivered robust network security, effectively detecting and responding to threats in real-time. It has a clear user interface and reliable performance. Cyber Eye was one of the crucial for the safety and integrity of our IT infrastructure during critical operations. The support from the team was exceptional - responsive and with great knowledge.
"Very user-friendly, dependable and effectively addresses threat detection and prevention"
The tool was really easy to implement, it has a great support team resolving any queries instantly and the integration with other services was intuitive. It has a great UI design and it impresses with its robust reports that provide efficient network analysis mainly about threat visibility and how we can track and mitigate.