NETWORK DETECTION & RESPONSE
NDR Use Cases
This periodic table represents the depth and breadth of what the network can do for your business. Security, cloud, & IT operations can use NDR to improve threat response times by 87% and troubleshoot downtime 99% faster.
SECURITY
CLOUD
IT OPS
Ra
Inv
Lm
Msd
Fcs
Pc
Sca
Tt
Rm
Ns
Apm
Sd
Tdr
InR
TH
CDR
Cd
Hyg
Ex
Iot
AD
Rsm
Rma
Vpn
Bhv
Ids
FsI
Sa
Pck
Rw
Sh
Ms
AWS
AZ
GCP
Fn
Hy
Th
Crt
Ssh
Inf
Ir
As
Db
Bd
Dns
Edr
Cp
Apt
Isi
Mg
Mnt
Agti
Sl
Ew
Dct
Cn
Sr
SECURITY
Ra
Inv
Lm
Msd
Sd
Tdr
InR
TH
Iot
AD
Bhv
Ids
FsI
Sa
Pck
Rw
Sh
Ir
As
Db
Bd
Dns
Edr
Cp
Apt
CLOUD
Fcs
Pc
Sca
CDR
Ms
AWS
AZ
GCP
Fn
Hy
Th
Crt
Isi
Mg
Mnt
Agti
Sl
Ew
Dct
Cn
Sr
IT OPS
Tt
Rm
Ns
Apm
Cd
Hyg
Ex
Rsm
Rma
Vpn
Ssh
Inf
Ra
Remote Access
Inv
Asset Inventory
Lm
Lateral Movement
Msd
Monitor Sensitive Data
Fcs
Frictionless Cloud Security
Pc
Post Compromise Detection
Sca
Supply Chain Attack
Tt
Triage and Troubleshooting
Rm
Remote Working
Ns
NetSecOps
Apm
Application Performance Monitoring
Sd
Secure Decryption
Tdr
Threat Detection and Response
InR
Intelligent Response
TH
Threat Hunting
CDR
Cloud Detection and Response
Cd
Cloud Operations
Hyg
Network Hygiene and Compliance
Ex
User Experience Monitoring
Iot
Enterprise IOT Security
AD
Active Directory Monitoring
Rsm
Remote Site Monitoring
Ram
Remote Access Monitoring
Vpn
VPN Monitoring
Bhv
Behavior Analytics
Ids
Next Gen IDS
FsI
Forensic Investigation
Sa
Security Analytics
Pck
Full Packet Capture
Rw
Ransomware Protection
Sh
Security Hygeine
Ms
Multicloud Security
AWS
AWS Workload Security
AZ
Azure Workload Security
GCP
GCP Workload Security
Fn
Cloud Forensics
Hy
Hybrid Security
Th
Cloud Threat Hunting
Crt
Monitor Cloud Workloads
Ssh
SSH Monitoring
Inf
Infrastructure Monitoring
Ir
Incident Response
As
Application Security
Db
Database Security Monitoring
Bd
Breach Detection
Dns
DNS Monitoring
Edr
EDR Coverage Gaps
Cp
Compliance Assessment
Apt
Advanced Persistent Threat
Isi
Investigate Security Incidents
Mg
Cloud Migration
Mnt
Continuous Monitoring
Agti
Agentless Workload Security
Sl
Serverless Visibillity
Ew
East-West Cloud Visibility
Dct
Decrypt Cloud Traffic
Cn
Container Security
Sr
Shared Responsibility
Security:
- Inv: Asset Inventory
- Lm: Lateral Movement
- Msd: Monitor Sensitive Data
- Tdr: Threat Detection and Response
- InR: Intelligent Response
- TH: Threat Hunting
- Ra: Remote Access
- Sd: Secure Decryption
- IoT: Enterprise IoT Security
- AD: Active Directory Monitoring
- Bhv: Behavior Analytics
- Ids: Next Gen IDS
- FsI: Forensic Investigation
- Sa: Security Analytics
- Pck: Full Packet Capture
- Rw: Ransomware Protection
- Sh: Security Hygiene
- Ir: Incident Response
- As: Application Security
- Db: Database Security Monitoring
- Bd: Breach Detection
- Dns: DNS Monitoring
- Edr: EDR Coverage Gaps
- Cp: Compliance Assessment
- Apt: Advanced Persistent Threats
Cloud:
- Fcs: Frictionless Cloud Security
- Pc: Post Compromise
- Sca: Supply Chain Attack
- CDR: Cloud Detection and Response
- Msd: Monitor Sensitive Data
- Ms: Multicloud Security
- AWS: AWS Workload Security
- AZ: Azure Workload Security
- GCP: GCP Workload Security
- Fn: Cloud Forensics
- Hy: Hybrid Security
- Th: Cloud Threat Hunting
- Crt: Monitor Cloud Workloads
- Isi: Investigate Security Incidents
- Mg: Cloud Migration
- Mnt: Continious Monitoring
- Agti: Agentless Workload Security
- SI: Serverless Visibility
- EW: East-West Cloud Visibility
- Dct: Decrypt Cloud Traffic
- As: Application Security
- Cn: Container Security
- Sr: Shared Responsibility
IT ops:
- Tt: Triage and Troubleshooting
- Rm: Remote Working
- Ns: NetSecOps
- Cd: Cloud Operations
- Apm: Application Performance Monitoring
- Hyg: Network Hygiene and Compliance
- Ex: User Experience Monitoring
- Rsm: Remote Site Monitoring
- Mnt: Continious Monitoring
- Rma: Remote Access Monitoring
- Vpn: VPN Monitoring
- Ssh: SSH Monitoring
- Inf: Infrastructure Monitoring