Crystal Eye NDR is a network detection and response solution that monitors network traffic for threats and anomalies. The platform captures and enriches network sessions with metadata including IP addresses, ports, protocols, geolocation, DNS/DHCP data, and encryption type. The solution integrates cyber threat intelligence for monitoring known malware and command-and-control infrastructure. It employs machine learning for anomaly detection combined with over 70,000 curated IDPS rules. PCAP analysis capabilities support threat hunting and forensic investigations. Crystal Eye NDR provides visibility into east-west traffic through sensors deployed within networks to detect lateral movement. The platform includes a unified policy engine that consolidates enforcement across web, email, authentication, and threat detection layers. Integrated security controls include firewall, data loss prevention, intrusion detection and prevention, SSL inspection, content filters, and protocol controls. The solution offers 24x7 access to SOC analysts, digital forensics, and incident response services through what the vendor calls "Village of Experts." On-demand threat hunting services are available without retainer requirements. The platform stores events for 18+ months to enable retrospective analysis and compliance requirements. Crystal Eye NDR supports both in-line and out-of-band deployment modes and features multi-tenant architecture for centralized detection engineering across multiple sites or clients.