Network Detection & Response
NDR focuses on monitoring and analyzing network traffic to detect and respond to threats in real time. It employs techniques such as network packet capture, deep packet inspection, and behavior analysis to identify suspicious activities or anomalies on the network.
By including NDR capabilities within an XDR solution, organizations can gain enhanced visibility into network traffic, improve threat detection and response capabilities, and better defend against sophisticated cyber threats that may target their network infrastructure.
Managed Network Detection and Response for your datacentre, virtual, WAN, and branch networks
Ongoing, real-time monitoring and detection via advanced analytics and machine learning
Advanced detection capabilities and rich threat intelligence leave no opportunities for attackers
Get data from all sources in a single view, and follow attackers as they move laterally, visualising the entire extent of the attack
When a threat is detected, we activate our investigation and response capabilities across all parts of the environment, whether network, endpoint, or cloud.
Overwatch Network Solution
- is a real-time managed network detection and response solution which can be deployed to monitor inline network traffic on-premises or in-cloud, inspecting both horizontal and vertical traffic flows in physical and virtual networks.
- brings automated and integrated threat intelligence and expert human security-analyst threat hunting to your network to provide superior threat detection and response capabilities, leaving no threat undetected.
- detects even the most concealed activities and utilizes our machine learning technologies to identify unknown threats, lateral movement, and malicious insider behaviour.
- brings full forensic investigation capability into your environment and supports full packet capture for advanced investigation and evidence collection.
- The collected data is transitioned to our XDR platform and correlated with other information collected from endpoints, applications, system logs, and public cloud instances. Within our rich threat intelligence ecosystem, threat indicators are transformed into the full attack kill chain and all attack stages as seen in various parts of the environment are identified.
HOW IT WORKS
The Overwatch Network Solution integrates into your network segments and inspects both inbound and outbound traffic in your environment in real time. The sensor appliances can tap into your branch offices, WAN segments, and cloud networks.
All data is integrated into our XDR platform where threats are detected and blocked on the network perimeter and within the network in real time.
– Lateral movement
– Command & Control traffic
– Backdoors and tunnels
– Malware and botnet connections
– Internal port scanning and reconnaissance
– Password brute forcing
– Insider threats
– Impersonation and spoofing attacks
– Exploitation attempts
– Unauthorised remote access tools
– Rogue devices
Deep Network Visibility
Detailed recording of network metadata and full packet-level communications for investigations and forensic evidence gathering.
Network Solution analyses user and machine behavior and provides insights based on detected deviations and anomalies.
Get full visibility into your network and see who is talking to what to create a complete baseline for all internal and external connections.
Threat Detection and Response
Automated and human-powered detection, threat hunting, and immediate threat response.
Detection is supported by our threat intelligence data, distributed to all Network Solution sensors in real time.
Detected threats can be immediately disrupted, either at the network perimeter level or as a tactical containment measure within the network.
Ongoing Assurance
Ongoing assurance of your security posture with continuous network inspection and detection, identifying policy violations such as the use of unencrypted services, plain-text passwords, and shadow IT assets.
All collected data is translated into an organisation-level risk report, with a detailed security scorecard for all components of your environment.
Access real-time reporting and visualizations in your Customer Portal instance, constructing the whole enterprise scorecard in one click.