NSFOCUS Traffic Threat Analysis and Response System (ISOP-NDR) is a product that focuses on attack and defense operations. It is based on full traffic storage, with data analysis as its core and automated disposal as its auxiliary function. It can effectively support threat analysis, assessment, disposal, and traceability work, providing customers with a practical, lightweight, and user-friendly tool system.
NSFOCUS NDR Feature Highlights
1. Attack Detection:
Integration of various threat detection technologies such as machine learning, threat intelligence, behavior analysis, rule matching, and retrospective analysis. It possesses powerful capabilities to detect attacks, especially advanced-level attacks like hot topic events, high-risk vulnerability exploits, covert attacks, and APTs.
2. Traffic Awareness:
Powerful protocol recognition and traffic analysis capabilities. It performs traffic statistical analysis and provides visualizations from various dimensions, including traffic trends, session connections, host traffic, URL access, and foreign access. It intuitively displays abnormal access behavior within the environment.
3. Threat Tracing:
Supports storage of all raw traffic data, providing data support for investigating and gathering evidence of attack incidents. For newly emerging vulnerabilities, it allows retrospective detection based on detection rules in historical traffic, identifying potential missed attack behaviors.
4. Event Handling:
Equipped with Security Orchestration, Automation, and Response (SOAR) capabilities. It enables flexible scripting of event judgment and handling scenarios based on attack situations, consolidating security experts’ experiences and facilitating automated response. This significantly reduces incident response time and greatly enhances incident response efficiency.
Advantages of NSFOCUS NDR
- High Coverage of Threat Detection:
It covers common, trending, and emerging vulnerabilities, attack tools, and APT organizations. It supports specialized analysis for mining, ransomware, trojans, APTs, and more. - High Precision in Threat Detection:
Supports accurate determination of attack results, ensuring high precision in identifying real attacks within the environment. - High Aggregation in Threat Visualization:
Based on the attack chain model, it aggregates individual attacks into attack processes, providing a comprehensive view of the attack landscape.
How NSFOCUS NDR works?
Event Handling
Automatic Report Generation
Incident Response One-Click Blocking
ISOP-NDR Integration with NSFOCUS RSAS
Customer Value
- Enhancing the depth of security analysis
By focusing on hot topics, high-risk vulnerabilities, covert attacks, APTs, and other advanced-level attacks, it can effectively enhance customers’ ability to detect advanced threats.
- Improving the effectiveness of attack and defense operations
By providing precise analysis, traceability and evidence collection, as well as intelligence sharing and collaborative control capabilities, it can effectively enhance the support for attack and defense drills, as well as overall security protection.
- Enhancing security protection system
By implementing a closed-loop system for identification, protection, detection, and response, it establishes proactive defense mechanisms and improves the overall security protection system for enterprises.
Learn more about NSFOCUS NDR: https://www.nsfocus.com.cn/html/2019/209_0911/147.html
Read more about NSFOCUS Ranked No. 2 in China Network Detection and Response Market 2022: https://nsfocusglobal.com/nsfocus-ranked-no-2-in-china-network-detection-and-response-market-2022/
About ATech Communication (HK) Limited
ATech Communication (HK) Ltd is one of the leading IT equipment & service provides for HKSAR Government Departments and Bureaux. We provide the best value and the best IT solution to our customers. Please visit our Cases page to learn more about our successful works. For more information on ATech, please contact us at enquiry@atechcom.net.
ATech Communication (HK) Limited
Providing a Complete Suite of IT Solutions
- (852) 2970 6010 / 3756 0078
- enquiry@atechcom.net
