INTEGRATIVE INSIGHTS ON EMERGING OPPORTUNITIES |
Integrative research means our extensive company research informs every thesis and perspective. The result is deep industry knowledge, expertise, and trend insights that yield valuable results for our partners and clients.
- Cybersecurity threats have evolved to evade many of the basic building blocks of network-based security systems. We believe newer network detection and response (NDR) solutions will increasingly address these new threats and grow to become another major building block of network-based security systems.
- Increased computing power that enables cost-effective network monitoring at scale, as well as advances in machine learning and artificial intelligence, have made NDR a powerful and accessible cybersecurity tool.
- In this report, we provide a high-level overview of how NDR systems work and why they are needed. We also discuss key areas where NDR systems differentiate themselves, such as in decryption capabilities, and profile four key NDR solution providers.
TABLE OF CONTENTS
Includes discussion of Darktrace and three private companies
A new vanguard of network-based security systems
Like an all-knowing network administrator
Historical challenges shape buyers' NDR purchase decisions
The decryption debate
Key NDR solution providers
Meeting the never-ending challenge
Cybersecurity index range-bound in deeply negative territory
Q3 cybersecurity M&A pace similar to Q2
Q3 cybersecurity private placement pace steady
A new vanguard of network-based security systems
The building blocks of effective network-based security systems continue to evolve. Firewalls and endpoint detection systems (including newer endpoint detection and response systems), which monitor and stop malicious behavior at networks' perimeters and endpoints, have been two of the most basic elements of network-based security systems. However, some threats have adapted to evade these protections, so network-based security systems evolved to include intrusion detection systems (IDSs) and network security monitoring (NSM) solutions to monitor and act on malicious data as it moves within networks. These newer solutions have also seen widespread adoption, but the growing number of successful cyberattacks and dozens of additional cybersecurity subcategories have shown organizations need still more robust and complementary solutions.