Flowmon Networks Providing Network Threat Detection And Response In The BT Showcase At Adastral Park
December 10, 2020
Now on show is Flowmon’s ADS (Anomaly Detection System) – a network security solution classified by Gartner in the Network Detection and Response (NDR) market.
NDR solutions primarily use non-signature-based techniques (for example, machine learning or other analytical techniques) to detect suspicious traffic on enterprise networks. NDR tools continuously analyze raw traffic and/or flow records (for example, NetFlow) to build models that reflect normal network behaviour. When the NDR tools detect suspicious traffic patterns, they raise alerts. In addition to monitoring north/south traffic that crosses the enterprise perimeter, NDR solutions can also monitor east/west communications by analyzing traffic from strategically placed network sensors. Response is also an important function of NDR solutions. Automatic responses (for example, sending commands to a firewall so that it drops suspicious traffic) or manual responses (for example, providing threat hunting and incident response tools) are common elements of NDR tools.
Flowmon ADS is powered by an intelligent detection engine designed to complement traditional security tools. It seals the gap between perimeter and endpoint protection where attackers can often operate. Unlike conventional solutions based on statistical detection, it uses behavior analysis algorithms to detect anomalies that are hidden in network traffic. These algorithms can reveal malicious behaviours, attacks against mission-critical applications, data breaches and a spectrum of indicators of compromise.
Flowmon’s detection capabilities, combined with detailed analytics, result in a solution that is useful throughout the incident lifespan:
- Detection of insider threats: Whether incidents are caused by a careless user or malicious intent, protect your network from the inside.
- Unknown threat detection: Thanks to behavior pattern recognition, the system can discover unknown threats in early stages before any damage is done, providing zero-day protection.
- Incident investigation and response: Machine learning and data analytics work in unison to provide administrators with contextualized intelligence to reduce response time.
- Troubleshooting and forensics: Flowmon ADS retains a wealth of information for deep post-compromise analysis and creates evidence for auditing and prevention purposes.
We are currently working on more concise, bite-sized videos to provide context to the solution. More to follow.
To learn more about Flowmon Networks, or for a demo of our system and an overview of the solution and capability, please follow the link. To understand more about BT’s Showcase Facility, please contact Stuart Wyse.