Overview

Many businesses are struggling to counter modern security threats. Firewalls, even Endpoint Detection and Response (EDR) agents, are not enough to keep a business secure on its own. Hughes Network Detection and Response (NDR) provides a more holistic approach to cybersecurity, and supplements existing technology to catch malicious activity on a network. NDR can close the gap left behind by off-the-shelf solutions that don’t take the time to learn each network.

NDR protects networks by monitoring and analyzing data from network traffic devices, such as switches, routers, and intrusion detection systems. Only a small sliver of traffic needs to be scanned, after which our advanced AI and Machine Learning begin to extrapolate the data until we have 100% visibility into the network. NDR is especially effective at detecting threats and anomalies that try to traverse the network, including lateral movement within the network, such as communicating malicious domains. Oftentimes NDR can prevent attacks before they even occur by recognizing unusual behaviors or by comparing user behavior to previous norms and noticing subtle differences that indicate a potential compromise.

When threats are found, NDR can detect and respond to these threats by quarantining them and alerting security teams to take immediate action. When NDR discovers a threat, it immediately sends notifications to our Security Operations Center (SOC) and quarantines that area of the network to prevent the threat from spreading. For example, NDR can respond by updating firewall rules to block traffic from a suspicious IP address or device. Notifications sent to security personnel at our SOC provide context-rich insights and recommendations, enabling them to take quick action, depending on the severity of the event, before sensitive assets are reached. NDR also covers Internet of Things (IoT) and operational technology (OT) devices.