The 2022 Gartner Market Guide for Network Detection and Response report, published in December, shows that security and risk management leaders should prioritize NDR as a complement to other detection tools, focusing on low false positive rates and detection of anomalies that other controls don’t cover. Vectra was recognized in the report for Vectra Threat Detection and Response Platform.
According to the report, “Organizations rely on NDR to detect and stop activity after a successful attack, such as ransomware, threats from within the network or lateral network traffic. NDR complements other technologies that trigger alerts primarily based on rules and signatures, building heuristic models of normal network behavior and spotting anomaly.” The report further mentions that “Security and risk management leaders should prioritize NDR as a complement to other detection tools, as it focuses on low false alarm rates and anomaly detection that other solutions do not cover.”
“We believe that Vectra’s recognition in the Gartner Market Guide confirms our position as a trusted partner offering proven solutions for network detection and response. To stem the tide of threats, security teams need full visibility into their environments so they can detect signs of an attack before it becomes a breach. With the right configuration, NDR can provide effective protection against ransomware,” says Taj El-khayat, Managing Director – South EMEA, Vectra.
According to the latest Gartner security forecast, “The network detection and response (NDR) market continues to grow steadily at 22.5%, per the latest Gartner security forecast, despite increased competition from other platforms.” A handful of NDR vendors capture most of the attention in the market. Organizations with specialized detection use cases would benefit from mixing known vendors with emerging local players in their shortlists.
The market guide recommends, “To develop their network detection and response capabilities, security and risk management leaders should, complement existing detection solutions by implementing NDR tools to detect abnormal behavior and investigate activity after a successful security breach.”
It also suggests to identify gaps in current processes to determine whether the anomalies that NDR can detect correspond to the most pressing detection gaps. “And, compare NDR vendor offerings by preparing reasonable metrics and assessing how NDR tools positively impact threat detection, security operations centre (SOC) productivity and automated response.”
By 2026, the percentage of companies that evaluate NDR capabilities only within standalone products will drop to 70% (currently it is 90%). By 2027, more than half of NDR detections will come from cloud environments (currently less than 10%).
