NDR
Network Detection and Response
NDR platforms analyze raw network traffic to detect threats that bypass endpoint and perimeter defenses. They use behavioral analytics and machine learning to identify anomalous communication patterns.
Como é usado em cibersegurança
SOC analysts use NDR to detect lateral movement, command-and-control callbacks, and data exfiltration on the wire. Incident responders rely on NDR packet metadata to reconstruct attack timelines and understand attacker behavior. Threat hunters query NDR data to find covert channels and encrypted tunnels used by advanced adversaries.
Termo relacionado no glossário: network detection and response
As definições são explicações originais escritas para fins de desenvolvimento profissional. Para definições técnicas autoritativas, consulte NIST, ISO ou o órgão de normalização correspondente.