“Applying behavioral analysis to network traffic is helping enterprises detect suspicious traffic that other security tools are missing,” the report states.
Vectra, the leader in network cyberattack detection and response, has been identified as a Representative Vendor in the inaugural Gartner Market Guide for Network Traffic Analysis report. The report provides a detailed overview of the market and analyzes Network Traffic Analysis (NTA) vendors to be considered by global security and risk management leaders.
NTA uses a combination of machine learning, advanced analytics and rule-based detection to detect suspicious activities on enterprise networks. NTA tools continuously analyze raw traffic and/or flow records to build models that reflect normal network behavior. When the NTA tools detect abnormal traffic patterns, they raise alerts.
In addition to monitoring north/south traffic that crosses the enterprise perimeter, NTA solutions can also monitor east/west communications by analyzing network traffic or flow records that it receives from strategically placed network sensors.
“Enterprises should strongly consider NTA to complement signature-based and sandboxing detection methods,” wrote Gartner analysts Lawrence Orans, Jeremy D’Hoinne and Sanjit Ganguli. “Many Gartner clients have reported that NTA tools have detected suspicious network traffic that other perimeter security tools had missed.”
Cognito Detect from Vectra is the fastest, most efficient way to find and stop cyberattackers in public clouds, private data centers and enterprise environments. Cognito Detect uses hardware and virtual sensors to forward and store a proprietary set of traffic metadata to the analytic engine. It uses artificial intelligence to deliver real-time attack visibility and put attack details at a security analysts’ fingertips. By combining advanced supervised and unsupervised machine learning algorithms – including deep learning models – with always-learning behavioral models, Cognito Detect quickly and efficiently finds hidden and unknown attackers before they do damage.
“The Vectra Cognito Detect application provides enterprise-wide visibility into hidden cyberattacker behaviors by analyzing enriched network metadata in the Cognito platform,” said Mike Banic, vice president of marketing at Vectra. “This visibility leaves attackers with nowhere to hide because attackers cannot erase the footprints they leave in the network. Vectra is uniquely positioned among NTA vendors with our broad mix of machine learning models to detect attacker behaviors, specialized detections for the data center and cloud, complimentary response products Cognito Recall and Cognito Stream, and strong integrations with endpoint protection, firewall, security information and event management (SIEM), and security orchestration automation and response (SOAR) products.”