The Gartner 2020 Hype Cycle for Security Operations indicates that Network Detection and Response (NDR) has progressed well beyond the Peak of Inflated Expectations, and is nearing the Slope of Enlightenment. The Hype Cycle gave NDR a Benefit Rating of "High" and described the Business Value of the category as follows:
"NDR solutions are valuable tools that assist network security professionals in the detection of compromised endpoints and targeted attacks. These tools have limited native blocking ability, or none at all (because most are implemented outside of the line of traffic), but they offer manual and/or automatic functionality for responding to alerts. Many NDR solutions can also be implemented to detect suspicious activity in IaaS environments."
Meanwhile, the SOC Visibility Triad, which indicates network data, endpoint data, and activity logs as the three foundational data sources for security operations, continues to provide value for security teams in identifying their own requirements and strategy. As NDR draws near to joining SIEM and EDR on the Hype Cycle's Slope of Enlightenment, we at ExtraHop think the future looks bright for more teams to adopt this winning strategy and the best-of-breed technologies that support it.
View the complete 2020 Hype Cycle for Security Operations here.