IDC Technology Spotlight: NDR Across the Public Cloud

Most people reading this blog post are aware of the migration to the cloud. But to highlight its scope, here are a couple of statistics, pulled from an article posted on 1) 90 percent of companies are in the cloud (source: 451 Research); and 2) Cloud data centers will process 94% of workloads in 2021 (source: Cisco). This is a significant jump from the 60% of workloads that ran on a hosted cloud service in 2019, while the cloud hosted 45% of workloads in 2018.

At the same time, Network Detection and Response (NDR) technologies have been gaining traction. According to a recent report from 451 Research, 52 percent of businesses already have NDR technology deployed and another 23 percent have plans to deploy.

So, it’s really no surprise to see analyst firms putting these two trends together, as IDC has done in their latest Technology Spotlight: Network Detection and Response Across the Public Cloud.

Their report summarizes the situation as follows: “The way enterprises approach cybersecurity is necessarily changing. The security operations center (SOC) simply cannot retrofit existing cybersecurity tools for heterogeneous environments.”

The report identifies five specific challenges presented by cloud architectures:

  • DX requires creation of dynamic applications
  • Security of S3 buckets is difficult
  • Cyberdefenses must build capabilities to monitor workloads
  • Lateral movement is especially difficult to monitor in public clouds
  • Organizations need cloud-monitoring capabilities

Given these challenges, the report proceeds to offer specific guidance for creating an ideal security solution set for the cloud. Furthermore, IDC analyst and report author Christopher Kissel provides his assessment of Lastline’s NDR platform, Lastline Defender, as technology capable of rising to meet these challenges.

His detailed analysis categorizes and describes the many types of supervised and unsupervised machine learning utilized by Lastline Defender. He also identifies some challenges that he sees Lastline facing, but concludes on a positive note:

“Lastline Defender is well positioned as a network detection and response platform for heterogeneous networks. The company has been able to leverage its expertise in intrusion detection and response, file analysis, and global threat intelligence. The analytical backbone of supervised and unsupervised learning reduces noise and allows an IT/security team to determine the best course of action when threats occur.”

Download the report to read all the details in IDC’s Technology Spotlight, Network Detection and Response Across Public Cloud.

Mustafa Rassiwala

Rassiwala has more than 10 years of experience in security product management, building DLP, SIEM, security analytics, fraud management and network security products. He has proven success at many companies including RSA, Symantec, HPE (ArcSight) and startups such as ThreatMetrix, Platfora and JASK. He has also held engineering roles at EMC/Documentum.