Gatewatcher NDR is a Network Detection and Response platform that provides visibility and behavioral detection of cyber threats across IT and OT environments. The solution operates in a passive mode without requiring additional equipment and is agnostic to existing infrastructure. The platform performs multi-vector threat detection including analysis of encrypted traffic through metadata extraction. It automatically discovers and maps network assets and user behaviors without active scanning. Detection capabilities include identification of zero-day threats and advanced persistent threats. The system aggregates and prioritizes alerts using a risk scoring mechanism that adapts to the context of the security infrastructure. Investigations are supported through access to complete network communication data and metadata, with pivoting capabilities for incident analysis and proactive threat hunting. The platform includes a centralized console called COCKPIT for managing investigations across multiple protected perimeters. It maps detected threats to the MITRE ATT&CK framework to support remediation workflows. The architecture follows security-by-design principles with a hardened operating system. Integration with security ecosystems is enabled through APIs and standardized connectors. The platform supports connection with EDR, XDR, SIEM, SOAR, and next-generation firewall solutions through a component called Reflex.