451 Research Discusses the Next Generation of Network-Based Threat Detection

According to 451 Research, Network Detection and Response (NDR), which the firm calls Network Visibility Detection and Response (NVDR), is gaining momentum for several reasons. It helps security operations better understand their environment, better detect threats before outsiders find them first, and better shut down attacks to minimize adverse business risks. 451 Research’s new report provides a detailed drilldown on the benefits that are driving demand.

NDR Market Drivers

Below is a brief recap of top incentives to deploy NDR.

  • Aging intrusion detection and prevention products. Enterprise security teams justify NDR purchases for multi-cloud transformations as a modernization effort for replacing aged IDS/IPS deployments, while satisfying clauses in compliance mandates. (See our recent white paper on this very topic.)
  • Unacceptable dwell times for attacks. The average dwell time to detect a breach is over 200 days. The security industry recognizes that machine learning-based approaches that can detect threat behaviors may play a vital role in tactics that can significantly reduce dwell times and the business risks that result from them.
  • The need to secure IoT, operational technologies (OT), and devices within industrial control environments. Intelligent devices lacking embedded security functionality – and without effective upgrade and patch paths – can be compromised and can put organizations at risk.
  • The need to secure cloud-hosted applications without degrading performance and workload densities. NDR learns the relationships between application elements, continuously monitoring both north-south and east-west network traffic, to act at the first signs of trouble.
  • The alert fatigue crisis. NDR minimizes false positives and consolidates isolated alerts into fewer, more meaningful incidents for operations staff, which facilitates faster and more complete remediation.
  • The opportunity for network and security operations to utilize shared technology. NDR delivers operational data that provides a common ground for resolving problems across network and security operations centers (NOCs and SOCs). The visibility afforded by NDR is also often valuable to cloud and IT operations teams.

In addition to these drivers shaping the market, the report compares NDR solutions to previous techniques, articulates the fundamental tenets of NDR solutions, reviews some of the strategic players and emerging vendors in this space, and offers guidance for organizations interested in the potential that NDR offers.

“Success criteria shifts from blocking threats to visibility into the prediction of problems, detection of active threats, and support of remediation efforts in a race to shrink dwell times and limit impact.”

Discover the Next Generation of Network-Based Threat Detection

For a thorough and objective analysis of NDR technology capabilities, considerations, and benefits, request your copy of the 451 Research report: Network Visibility, Detection and Response Modern Analytics for Today’s Threats.

Learn more about Lastline’s NDR platform.

John Love

John Love has been in hi-tech marketing for over 30 years. After spending his first 18 years at Apple, he worked at Logitech and several startups, and has been in security since 2010.