Credit to Author: Karl Ackerman| Date: Wed, 31 May 2023 02:14:04 +0000
Sophos NDR analyzes activity and traffic flows deep inside the network to detect abnormal, suspicious behavior that can be indicative of attack. We are now pleased to deliver a comprehensive set of 23 queries and reports that allow you to explore the NDR data and flow-based activity that it sees.
These new NDR queries and reports are available from the Live Discover section of the Threat Analysis Center in Sophos Central and can be run on demand or configured to run as scheduled reports.
The provided queries cover everything from managed and unmanaged devices to protocol usage to details on detection events. Most queries support variables to focus on a specific sensors, protocols, source IPs, destination IPs, and more. You can also control the date range of the reports as well as schedule reports to run regularly.
Watch a demo:
See the full list of queries and how to take full advantage of them on the NDR community blog.
These new queries and reports are available for free to all licensed NDR customers.
New to NDR?
If you’re new to Sophos NDR, it’s an essential addition to our Managed Threat Detection and Response (MDR) service. Learn more at Sophos.com/NDR.