Logpoint NDR Logo

Logpoint NDR

0
Commercial
Visit Website

Logpoint NDR (Network Detection and Response) is a security solution that monitors network traffic to detect and respond to threats that may bypass traditional endpoint security measures. The platform uses AI and machine learning to analyze network activity patterns and identify malicious behavior in real-time. The solution features "Chain of Events" technology that connects seemingly unrelated security events to reveal hidden attack patterns. This AI-powered capability helps security teams focus on genuine threats by reducing alert noise and highlighting actual attack chains rather than individual alerts. Logpoint NDR operates without requiring agent deployment on endpoints, reducing operational overhead while providing visibility into network-based threats. It can detect various threats including malware, ransomware, and insider threats as they move across the network. The platform can be integrated with Logpoint SIEM to combine network traffic analysis with log data for more comprehensive security coverage. This integration enables security teams to correlate network-based detections with log-based evidence for improved threat hunting and incident response. Logpoint NDR helps organizations predict attacker movements by identifying tactics and techniques indicative of evolving attack chains, allowing for proactive threat prevention rather than just reactive response.

FEATURES

ALTERNATIVES

Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.

DenyHosts is a script to block SSH server attacks by automatically preventing attackers after failed login attempts.

A program to log login attempts on Telnet (port 23) and track the Mirai botnet

CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.

Detects and prevents SSRF attacks

A simple IOC scanner bash script for Linux/Unix/OSX systems

A set of Bro/Zeek scripts that detect ATT&CK-based adversarial activity and raise notices

Intercepts and examines mobile app connections by stripping SSL/TLS layer.