Corporate networks are often hybrid and spread across several locations. When it comes to cyber defence, it is important to maintain a complete overview, and this includes complex networks. With Network Detection & Response (NDR), you get the visibility back and can detect cyber attacks at an early stage.
These days, the majority of network traffic is encrypted. This makes anomaly detection more difficult, such as when malware communicates with a command and control server via open standard ports. And even internal shadow IT, such as unofficial access points, remains undetected in encrypted traffic. An effective NDR solution must therefore be able to correlate signals from a range of sources and rapidly detect anomalies.
End-to-end visibility over your entire network
Reduction of analysis workload thanks to the automated correlation of security incidents
Reliable identification of internal shadow IT and unwanted cloud services
The network is an important component of cyber defence. Companies require a wide range of security mechanisms to detect and block cyber attacks. You therefore need a solution to analyse the network traffic and rapidly detect anomalies as well as potential vulnerabilities – for novel types of attack too.
To analyse security incidents efficiently, the NDR solution needs to generate minimal false positives and enable the security experts to concentrate on the critical events. You cannot solely rely on known indicators of compromise to protect your company from new or varying patterns of attack. Unknown anomalies must also be registered to meet the required security standards.
What’s in it for you:
Would you like personal advice on the Network Detection & Response options available? Get in touch without obligation.
Two service options are available. With the On-Premise version, the NDR appliance runs on your own infrastructure. With the Managed version, Swisscom operates the appliance in one of its own Swiss data centres.
Use AI-enabled detection to identify advanced persistent threats (APTs) and automate certain steps in the threat hunting process.
Ransomware/Trojan attacks go through various phases lasting from a few days to several months. Detect these attacks at an early stage and react before the attackers press the kill switch to encrypt your systems.
Inventories and blacklists are often not up to date, leading to internal and external threats from shadow IT. Detect the use of unwanted cloud services and unauthorised devices in the network.
You can only protect what you can see. The graph database and specialised visualisations make it easy to browse billions of raw data points.
Register your security guidelines in the NDR solution for efficient monitoring and implementation of your requirements.
NDRaaS is an analytical module that complements our Threat Detection and Response service offerings. Detected threats can then be further processed by the analysis and incident response services.
Still looking for answers? Our security experts will be happy to advise you.