All Research
Leadership Brief
NTDR products/services are getting a lot of attention at conferences and in the cybersecurity press. But does your organization need it? We’ll look at what NTDR products do, reasons to consider NTDR, and some high-level evaluation criteria regarding NTDR products.

1 Executive Summary

Network Threat Detection & Response (NTDR) solutions look for evidence and effects of malware that may have slipped past Endpoint Protection (EPP) products or found its way onto networks in other ways. NTDR solutions log network-level communication data centrally, examine traffic patterns and in some cases payloads in real-time, and alert security analysts when potentially suspicious behavior is found.

Many organizations use EPP, Endpoint Detection & Response (EDR), and NTDR products for layered defenses. NTDR tools often work in multiple environment types: on-premises, hybrid, and inside IaaS. For the on-premises portion, the tool must intercept network traffic at the appropriate points. Most vendors provide virtual instances that run inside Amazon and Azure, and in some cases Google and Oracle IaaS and PaaS too.

How do you know if NTDR is something your organization needs? We will look at a simple flowchart and describe business use cases where NTDR can be a crucial cybersecurity architectural component below.

Full article is available for registered users with free trial access or paid subscription.
Log in
Register and read on!
Create an account and buy Professional package, to access this and 600+ other in-depth and up-to-date insights
Register your account to start 30 days of free trial access
Get premium access
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use