Trend Micro has announced Inline NDR, available in the Trend Vision One platform where it improves detection and response across all security functions rather than operating as an isolated solution.
NDR tools are commonly deployed in large enterprises that have many sources of detection information, but only Inline NDR can decrypt traffic protected by modern encryption techniques. Industry analyst firm Forrester states that network analysis and visibility (NAV) customers should look for providers that have onboard or tightly integrated decryption capabilities.
Inline NDR is part of Trend Vision One, the full-spectrum Security Operations Center (SOC) platform designed to accelerate investigations by surfacing the highest-priority alerts and automating complex response actions. This gives SOC analysts near real-time actions, empowering teams to react faster and contain threats before they can cause the organisation lasting damage.
According to Gartner, “NDR can contribute to XDR by bringing network event analytics into the mix. Gartner analysts continue to see that a majority of NDR evaluations are for stand-alone deployments today, but this could change in the future. However, by continuing to add other sources of telemetry, such as endpoint and identity and access management (IAM) integrations, NDR could also overlap more with the XDR market.”
Trend believes it is anticipating this market shift and has integrated NDR capabilities to meet future demand.
Today’s SOC teams often lack critical resources: staffing, budget, time and tools. Overworked security analysts lack visibility into their network assets or the ability to find covert threat actors using “living-off-the-land” techniques to hide in legitimate traffic. This continual stress can lead to burnout across the industry – and give cybercriminals more avenues for attack.
Many XDR-focused vendors have weak capabilities for native network analysis or lack sufficient NDR integrations entirely. Security teams are also limited by NDR products that use only baseline anomaly detection and machine learning out of the box, leading to false positives and longer mean-time-to-detect and contain (MTTD/MTTC). Integrating NDR capabilities into a broad security platform makes existing XDR tools more robust and provides greater value than a standalone product.
Zaheer Ebrahim, solutions architect: Middle East and Africa at Trend, comments: “Threat actors love unmanaged assets like routers, laptops, firewalls and even smart appliances – as these create the security blind spots from which to launch new attacks. That’s why we offer something different from most XDR out there. Our network telemetry lets you know where your unmanaged assets are and what they’re doing at all times, leaving attackers with nowhere to hide.”
A strong understanding of all assets connected to an organisation’s networks is critical to overall security. Trend’s Inline NDR can provide enforcement, visibility and network decryption without any compromises in quality. The integration with Trend Vision One helps customers to avoid deploying multiple disconnected solutions and enables security teams to work more efficiently.