KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Yeah, have 10 minutes. So it's a very short presentation focused, giving you a short overview of what, what we are doing here as a Swiss space company. It's all about corporate network, corporate communication and security from a network perspective. And how can this be in advance for you at the moment? Let me see. Next.
Next, No, next. Next slide. No next slide. So who we are very short past, it's in spinoff of the A sew 10 years of research. The reason for that, you'll see the next question. Marks came out with a solution as a software solution gives you in visibility of communication in your network base. And if you of security and it came out says, okay, local storage, effective storage, don't use a lot of data, don't use big datas. And focusing on what we can see from a security perspective, again, in the, in your environment from a network security perspective, machine learning is key on that.
It's an automatic process. And one of the main reasons where the research starts is, and I'm asking this a lot of times, the companies, can you see all activities in your network? Are you able to view, to get an insight what your devices? And doesn't matter if it's IT IOT or OT are communicating how they are communicating a network. What is the issue? Can you do with this? 80% of the companies I'm talking at a at this time gives me an answer.
No, we don't have this for you. We don't see what the communication is running. And so the next question in that case is, what happens if you have an anomaly? If you don't see that you can't see anomalies in your network, right? And an anomaly is always, you can classify that you have a risk, you can't see this. And so you'll have blind spots in your network. Yeah. And if you have these blind spots, can you fulfill your regulations?
Especially in Germany, If you're looking to critic critical companies, in that case, can you fulfill, and I talk a little bit later, what are these requirements from a law perspective, Can you fulfill this? And all these three answers are in row. Mostly the answer is no, we can't. And that's the situation where we are. And this is why in ndr, I have always a problem in Germany. Cause NDR means not deut, rfu, that means the television center say no. It's network detection on response. And how this is this fitting in in your IT security environment.
What you're doing at the moment, you have a lot of equipment on the parameter firewalls. You're doing DDoS protection, you have IDs, you have web application firewalls and so on and so on and so on. Parameter is key. But we all know you have successful attacks in that case. So it's not perfect, right? So the other part where we are looking for is endpoint security. You have the antivirus, you have now the EDRs, you have software agents on your devices. But the question here is, it's it, right?
What you're doing in the IOT environment and what you're doing in OT environment, in that case can't, you can't install agents. But simple, not possible to do, right?
So again, you have blind spots and in between you have to network communication. And in fact this, any hacker who is successful is doing a communication. Any mailer aware anything is going and running over the network. I have recently a discussion which says, okay, network is gone. And it was a little bit disturbing. I say no network is not gone. Cuz without a network we are not in the internet, right? Doesn't matter if you're going in the cloud, you need communication.
You need, you have communication. So why we are not having a deeper look on network communication Because again, and there is, where is an NDR coming in, right? For two reasons. It says network security and forensics.
I'm, I'm a young guy, I'm not so long in the industry but I've seen a lot of war and mostly the war rooms. I'm saying this is a panic room cause haga was successful and now you see the IT guys, you see the network guys running around, what the hell happens, why it happens, Who is affected on that, right?
Is it, is it only once or is it network? Is an application, is it a device? What is and how I get quickly these kind of datas, remember pyramid security data's coming in, got classified good going in the network data gun, right? If you're looking the endpoint perspective, you have the same issue. Data's coming in, you've got an email, it's classified as good and the data are gone. Right? So how you're doing analysis, most answer I get for big companies we have security information and event management.
But what happens if you don't have a use case of that, if you don't know what you have to search for, it takes time, right? And if you don't understand what you're looking for, you have a big, big database with data, you can't use them. And that is again, network detection coming in. It doesn't prevent but it helps you if you have an attack cuz you can look at any stage what's going on and it generates all the automatically in use case. And how we are doing that, I mean I have only 10 minutes so that's the reason why I'm talking so quick. Don't forget it. Right?
So there are three areas where NDR can help you from a German perspective. The C environment says, I given an example, it's give you a protocol, it's a monitoring gives you a protocol and says you can store data for a certain timeframe, right? The detection is there cuz we are detecting after an attack is successful, right? The response part says we are giving the information, yeah we are not shutting down a firewall or an device but we helping the security Analyst to generate use cases to look further in, right?
Cause we are independent from application, We are independent from any network vendors, we are independent from anything cuz we are looking just we are analyzing communications in that case, right? And that's c part of us and that's where we can help in this environment and how we are doing this, we are taking information from your existing devices and it means lock files, network protocols.
And there's a very specific development behind this cuz you have millions of data points in these kind of network communications and the solution is designed with machine learning algorithms to work with this and bring up your use cases. So the good part is it's easy to install. You have your, you have your routes, you have your network admin. It takes them 10 minutes to push the data to the software especially, or the lock files or whatever it is to bring the data to the software, right? Which is stored either in your local environment or in the cloud, wherever you want this.
It's also independent if it's your local network, if it's your cloud environment cause you have Netflix also there. So you can have an overview about any communication which is connected to your network wherever it is. The machine learning algorithms is the part where we are looking from a security perspective. Cause it's monitoring on a security perspective. What happens, it's an anomaly based monitoring, it's behavioral analysis and it looks always, it compares between what is the normal status and where are the parts which are not normal at that case, right?
So you can see new connections, ports, applications. You see if changes coming in and you don't know this and gives a complete overview, 98% of the data we are looking for are not interested for you. It's just put away, it's 2% where you have to look why a network admin is not perfect. A security admin is not perfect. We're doing mistakes. You have holes in your rules, you have holes in new applications, you don't know how the application is dealing with your network and whatever. And that is a part where we are stepping in in that case. And of course visibility is helping always.
Is it different if you're looking for an exel or similar things or if you have a very plastic fuel and doing visibility where you can drill down to find who is affected, where is affected, what was happening at this stage and compare this with the past and or see this is real time. So that is the part what we are doing here. Just an overview. Who is affected on that?
In in, in the in in your organization from a Cecil or CIOs perspective, it helps to spare money. Cause you don't need to spend so much time and money for the so analysts for your sim cuz we are preparing the data and then just we are interact with a security event management. So the compliance is a part.
Forget, don't forget, I always say we are in that case, designed for if an attack is happening right now or even attack happened, sorry, my bad English at the moment. So we can help you to send reports to the police, to other stakeholders to say this is exactly in, in our timeframe, what happens? That's the part from the cio. So compliance, cost effective and stuff like that. The network admin and the security admin, they can fuel what we have in your network.
It's not performance, it's not a searching is just from the security perspective we have a better usability and to design what they need to do next. In that case, it helps the so Analyst to, to produce his use cases very effectively. Cause he has information he don't have at the moment, right? From a certain perspective, the operational benefits, you can act with the panic room. Don't forget this, right? Yeah. You see the information, you can, you can follow, you can take actions and where in my time I'm good to my time or so that's it. Very brief. 10 minutes. What is an ndr?
I'm there to explain you more deeper if you want. Yeah. Thank you for listening.
