Network Traffic Analysis (NTA) uses a combination of machine learning, advanced analytics and rule-based detection to continuously – and non-intrusively – analyze network traffic, flows, and connections. It uses this data to build (or refine) a baseline model of normal network behavior, enabling fully contextualized alerting when patterns that deviate from that baseline are detected. This means you can identify suspicious activities that existing tools miss – in near real time.
NTA is a particularly powerful tool for detecting and responding to malicious lateral (east-west) activity, though NTA also increases visibility into north-south perimeter breaches. And as NTA is based on raw telemetry data rather than log information, it provides a uniquely objective view of threat behavior on your network.
NTA solutions are powered by passive, non-intrusive deep packet inspection (DPI) technology that can profile and classify network traffic even if it is encrypted. Qosmos’ market-leading, high-throughput sensor (the DPI Probe) can be rapidly and cost-effectively deployed anytime, anywhere across a network to build full-feature NTA solutions that integrate smoothly into existing response management and forensic analysis systems.