What is Network Detection and Response and Why is it So Important?

What is Network Detection and Response and Why is it So Important?

Networks are the foundation of today’s connected world. They allow millions of people, devices, apps and systems to talk with one another every minute of the day. Without networks, modern communication as we know it would cease to exist. Today’s organizations depend on networks and their critical role in overall IT infrastructure. So, it’s no surprise that networks are a prime target of attackers looking to disrupt organizations and governments around the world.


To fully understand the importance of network security, consider the simple but potent fact that 99% of cyberattacks traverse the network in some way. As a result, networks contain important information about impending threats, which is why 43% of organizations use network traffic analysis (NTA) as the first line of defense for threat detection. Furthermore, networks don’t lie. The network data captured as part of the connections between devices and systems cannot be turned off by attackers the way logs can. As a result, any group looking to improve its overall threat detection and incident response needs to consider network detection and response (NDR) as a core part of their strategy.


Network Detection and Response: How Did We Get Here?


The market first appeared as network behavior anomaly detection (NBAD) products, which analyzed network traffic patterns to detect unusual trends. In the late 2010s, the market evolved to network traffic analysis. This helped address the challenge of detecting threats from network data, commonly referred to as network flows. NTA gained momentum with the growth in network traffic. Meanwhile, high-profile attacks and heavy marketing by emerging vendors also brought it into common parlance ..