The 2022 Gartner Market Guide for Network Detection and Response report, published in December, shows that security and risk management leaders should prioritise NDR as a complement to other detection tools, focusing on low false positive rates and detection of anomalies that other controls don't cover. Vectra was recognized in the report for Vectra Threat Detection and Response Platform.
READ ALSO : People.ai Now Listed On Oracle Cloud Marketplace
According to the report, "Organisations rely on NDR to detect and stop activity after a successful attack, such as ransomware, threats from within the network or lateral network traffic. NDR complements other technologies that trigger alerts primarily based on rules and signatures, building heuristic models of normal network behaviour andspotting anomaly ." The report further mentions that "Security and risk management leaders should prioritise NDR as a complement to other detection tools, as it focuses on low false alarm rates and anomaly detection that other solutions do not cover."
- 'We believe that Vectra's recognition in the Gartner Market Guide confirms our position as a trusted partner offering proven solutions for network detection and response,' says Teppo Halonen, Vice President EMEA at Vectra AI, recognized as a Representative Vendors in Network Detection and Response category.
- To stem the tide of threats, security teams need full visibility into their environments so they can detect signs of an attack before it becomes a breach. With the right configuration, NDR can provide effective protection against ransomware, he points out.
Main findings of the report
- According to latest Gartner security forecast, "The network detection and response (NDR) market continues to grow steadily at 22.5%, per the latest Gartner security forecast, despite increased competition from other platforms."
- As early adopters enter a renewal phase, incident response and orchestration workflows gain more weight during the evaluation.
- A handful of NDR vendors capture most of the attention in the market. Organizations with specialized detection use cases would benefit from mixing known vendors with emerging local players in their shortlists.
Recommendations
"To develop their network detection and response capabilities, security and risk management leaders should:
- Complement existing detection solutions by implementing NDR tools to detect abnormal behaviour and investigate activity after a successful security breach.
- Identify gaps in current processes to determine whether the anomalies that NDR can detect correspond to the most pressing detection gaps.
- Compare NDR vendor offerings by preparing reasonable metrics and assessing how NDR tools positively impact threat detection, security operations centre (SOC) productivity and automated response."
Strategic planning assumptions
- "By 2026, the percentage of companies that evaluate NDR capabilities only within standalone products will drop to 70% (currently it is 90%).
- By 2027, more than half of NDR detections will come from cloud environments (currently less than 10%).
- By 2027, automated response to detected network anomalies will not exceed 40% of all detected anomalies."
For the full 2022 Gartner Market Guide for Network Detection and Response report, download here.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.