
6 Network Detection and Response (NDR) Case Studies

by Oliwia Wieclaw

Cybersecurity poses a massive challenge as networks grow complex and the demand for IT talent rises. Amid these trends, automated network detection and response (NDR) solutions come to the rescue as one of the most effective tools companies can deploy to safeguard their digital environments.

NDR platforms like Stellar Cyber scan networks for unusual activity and help teams identify and respond to potential threats. These early warnings help prevent and mitigate cyberattacks, even when companies lack sufficient IT staff to monitor their systems continuously.

Here is how various organizations across different industries use NDR tools to maintain their security:

Coca-Cola Bottlers Management Service

Coca-Cola’s China-based bottling plant SCMC faces huge network requirements, especially as it incorporates more Industry 4.0 technologies. Swift, adequate security is essential.

SCMC sought assistance from Sangfor Technologies for NDR platform capabilities using its managed security services to monitor its network. Automated threat hunting, powered by artificial intelligence (AI) algorithms, plays a vital role in this system. This technology continuously scans for attack attempts on their Internet of Things (IoT) devices, eliminating the need for a larger in-house security workforce.

A benefit of security automation is the reduction of IT workloads. This advantage is crucial for SCMC, which is particularly vulnerable around holidays when IT staff may not be present. With automated network detection and response, security threats during these periods are no longer a concern.

The solution also monitors for non-compliance with company standards, streamlining regulatory compliance and identifying cases of employee misuse. This capability addresses vulnerabilities stemming from human error or malicious insiders.

Industry: Manufacturing

Network Detection and Response Offering: Sangfor Technologies Managed Security Service

Outcomes:

  • Provided 24/7 network monitoring
  • Accelerated threat responses to under half an hour
  • Reduced security vulnerabilities around holidays

Viasat

Viasat, an internet service provider (ISP) with 7,000 employees across 60 offices, needed strong cybersecurity management to protect its extensive customer base from ransomware and other cyber threats.

As an ISP, Viasat has access to vast information on the types of attackers and strategies used against its clients. To enhance its visibility and understanding of these threats, Viasat turned to ExtraHop’s NDR. This solution employs an AI-configured network scanner to minimize brute force attacks, open port discovery, and ransomware payloads, similar to what Stellar Cyber offers. It segregates risks linked to specific connections or IP addresses, enabling effective threat responses.

“The network is the ground truth. It’s what attackers can’t avoid,” says Lee Chieffalo of Viasat. “You give yourself the ability to see everything on the network. You deploy a network detection tool, and now you can see everything. Without that data, you’re operating partially or completely blind. There is no other technology outside of NDR that can give you that.”

Industry: Internet Services

Network Detection and Response Provider: ExtraHop

Outcomes:

  • Reduced time for detecting large-scale threats
  • In-depth understanding of at-risk connections
  • Provided detailed analysis and insights to secure customer data

American University

Higher education institutions deal with a large amount of personally identifiable information (PII). So, an institution like the American University, with around 60,000 users across 20,000 devices and 700 servers, uses NDR automation to monitor its complex network.

“Intrusion detection requires a security analyst to sift through volumes of signature hits. … We needed a better, faster way to drink data from the security fire hose,” says Eric Weakland, director of information security at American University.

The university’s new system automates attack detection and response through AI, prioritizing tasks and assigning them to IT staff based on urgency. Over time, the system recognizes attack patterns, suggesting broader security changes to enhance protection. This insight allows the university to maintain its security as its network grows and adapts.

Industry: Higher Education

Network Detection and Response Product: Vectra Cognito NDR

Outcomes:

  • Reduced response times by 20%
  • Allowed IT teams to focus on critical issues
  • Improved visibility across the attack lifecycle

Life Insurance Association of the Republic of China

The Life Insurance Association of the Republic of China (LIA-ROC), along with 11 other insurance firms, launched the Protection/Claims Consortium Blockchain pilot. The project was meant to be a one-stop platform for claim settlement and personal data updates.

LIA-ROC chose VMware NSX Network Detection and Response to uphold a Level A information security score. VMware’s NSX created a virtual security infrastructure, enabling the detection and neutralization of malware before it interacted with the real system. This was achieved through a virtual environment that mimicked CPU, memory configurations, and user trails.

VMware’s zero-trust architecture, employing sandbox inspection, ensured that any vulnerabilities at entry-exit checkpoints were screened. This framework allowed seamless integration with vendors and insurance parties within a limited timeframe.

Industry: Insurance

Network Detection and Response Provider: VMware

Outcomes:

  • Maintained processing efficiency despite data volume spikes
  • Used AI to detect and counter modified attack techniques
  • Implemented zero-trust architecture through sandbox inspection

Rackspace

Rackspace, an IT service provider serving two-thirds of the Fortune 100 and over 300,000 customers, needed a more proactive cybersecurity approach. As cybercrime and security workloads grew, reactive measures were no longer sufficient.

Rackspace adopted Symantec Security Analytics as its NDR solution. This tool classifies all network traffic in real-time, providing rapid and detailed analysis of security issues. These insights enable teams to detect larger trends leading to vulnerabilities, ensuring faster and more informed threat responses.

This automation allowed Rackspace’s security personnel to spend less time responding and more time hunting threats.

Industry: IT Services

Network Detection and Response Product: Symantec Security Analytics

Outcomes:

  • Shortened response times from hours to minutes
  • Improved network visibility
  • Enabled proactive threat-hunting

EarthMover Credit Union

EarthMover Credit Union aims to offer its customers a personalized financial system. The institution has around 25,000 members, six branch offices, and multiple ATMs.

For decades, the credit union ran its system security itself. Until recently, its vulnerability management efforts were administered manually, with patches applied through Microsoft Update Manager. However, as the number of new vulnerabilities increased radically, EarthMover felt the need to look for a scalable cybersecurity solution that kept its IT systems on the latest patches.

“As a financial institution, we need to protect our members’ data. It’s a full-time job,” says Shelley Johnson of EarthMover.

The credit union turned to Qualys’ vulnerability management solution, which scanned network traffic to identify and patch vulnerabilities. The NDR platform capabilities provided remediation steps for qualified leads and automated scans for each system update and configuration change.

“The automatic scheduling helps us save time, and we don’t have to remember to run scans manually,” Johnson explains.

“The reporting automatically tracks the number and the severity of vulnerabilities over time, so we always know our level of security.”

Industry: Financial Services

Network Detection and Response Provider: Qualys

Outcomes:

  • Centrally managed software updates and vulnerability checks
  • Regular tracking of the severity and number of vulnerabilities
  • Automatic assessment of networks, saving time

Conclusion

Network Detection and Response (NDR) solutions have proven invaluable across various industries, providing critical security insights and tactics for threat mitigation. The strategic implementation of NDR platforms has fortified defenses, reduced response times, and enhanced network security in various industries, such as Coca-Cola’s bottling plants, Viasat’s ISP services, and higher education institutions like American University.

 
