NETWORK DETECTION & RESPONSE

NDR Use Cases

This periodic table represents the depth and breadth of what the network can do for your business. Security, cloud, & IT operations can use NDR to improve threat response times by 87% and troubleshoot downtime 99% faster.

SECURITY
CLOUD
IT OPS
Ra
Inv
Lm
Msd
Fcs
Pc
Sca
Tt
Rm
Ns
Apm
Sd
Tdr
InR
TH
CDR
Cd
Hyg
Ex
Iot
AD
Rsm
Rma
Vpn
Bhv
Ids
FsI
Sa
Pck
Rw
Sh
Ms
AWS
AZ
GCP
Fn
Hy
Th
Crt
Ssh
Inf
Ir
As
Db
Bd
Dns
Edr
Cp
Apt
Isi
Mg
Mnt
Agti
Sl
Ew
Dct
Cn
Sr
SECURITY
Ra
Inv
Lm
Msd
Sd
Tdr
InR
TH
Iot
AD
Bhv
Ids
FsI
Sa
Pck
Rw
Sh
Ir
As
Db
Bd
Dns
Edr
Cp
Apt
CLOUD
Fcs
Pc
Sca
CDR
Ms
AWS
AZ
GCP
Fn
Hy
Th
Crt
Isi
Mg
Mnt
Agti
Sl
Ew
Dct
Cn
Sr
IT OPS
Tt
Rm
Ns
Apm
Cd
Hyg
Ex
Rsm
Rma
Vpn
Ssh
Inf

Security:

  • Inv: Asset Inventory
  • Lm: Lateral Movement
  • Msd: Monitor Sensitive Data
  • Tdr: Threat Detection and Response
  • InR: Intelligent Response
  • TH: Threat Hunting
  • Ra: Remote Access
  • Sd: Secure Decryption
  • IoT: Enterprise IoT Security
  • AD: Active Directory Monitoring
  • Bhv: Behavior Analytics
  • Ids: Next Gen IDS
  • FsI: Forensic Investigation
  • Sa: Security Analytics
  • Pck: Full Packet Capture
  • Rw: Ransomware Protection
  • Sh: Security Hygiene
  • Ir: Incident Response
  • As: Application Security
  • Db: Database Security Monitoring
  • Bd: Breach Detection
  • Dns: DNS Monitoring
  • Edr: EDR Coverage Gaps
  • Cp: Compliance Assessment
  • Apt: Advanced Persistent Threats

Cloud:

  • Fcs: Frictionless Cloud Security
  • Pc: Post Compromise
  • Sca: Supply Chain Attack
  • CDR: Cloud Detection and Response
  • Msd: Monitor Sensitive Data
  • Ms: Multicloud Security
  • AWS: AWS Workload Security
  • AZ: Azure Workload Security
  • GCP: GCP Workload Security
  • Fn: Cloud Forensics
  • Hy: Hybrid Security
  • Th: Cloud Threat Hunting
  • Crt: Monitor Cloud Workloads
  • Isi: Investigate Security Incidents
  • Mg: Cloud Migration
  • Mnt: Continious Monitoring
  • Agti: Agentless Workload Security
  • SI: Serverless Visibility
  • EW: East-West Cloud Visibility
  • Dct: Decrypt Cloud Traffic
  • As: Application Security
  • Cn: Container Security
  • Sr: Shared Responsibility

IT ops:

  • Tt: Triage and Troubleshooting
  • Rm: Remote Working
  • Ns: NetSecOps
  • Cd: Cloud Operations
  • Apm: Application Performance Monitoring
  • Hyg: Network Hygiene and Compliance
  • Ex: User Experience Monitoring
  • Rsm: Remote Site Monitoring
  • Mnt: Continious Monitoring
  • Rma: Remote Access Monitoring
  • Vpn: VPN Monitoring
  • Ssh: SSH Monitoring
  • Inf: Infrastructure Monitoring