KNOWLEDGE — THREAT DETECTION & MONITORING

NDR — Network Detection and Response

Network Detection and Response (NDR) is a security approach that analyzes actual network traffic to detect suspicious activity — including attacks that log-based systems miss.

Unlike tools that rely on logs from connected systems, NDR observes the communication itself: which systems talk to which, what volumes and destinations are normal, and what deviates. It combines behavioral analysis with threat intelligence to surface lateral movement, command-and-control traffic, and unusual data flows.

NDR doesn't depend on every system being correctly logged, which is why it catches activity other layers don't.

AEGYS Monitor is a passive NDR solution — analyzed where you choose.

AEGYS Monitor

RELATED TERMS

SIEM — Security Information and Event Management
EDR — Endpoint Detection and Response
XDR — Extended Detection and Response
Lateral Movement
Command-and-Control (C2)