Leverage Your Tech Stack to Detect, Investigate, and Respond Faster
Netography Fusion® is a cloud-native Network Defense Platform (NDP) that provides real-time detection and response to anomalies and threats across your hybrid, multi-cloud, and on-prem networks from a single console without deploying sensors or taps.
The Fusion platform integrates with your tech stack to improve the effectiveness of every stage of your detection and response lifecycle, from the range of data sources it analyzes to the context-rich alerts it generates.
Broad Visibility From Across Your Tech Stack
The Fusion platform ingests metadata from two primary sources in your hybrid multi-cloud and on-prem network:
- Cloud flow logs from Amazon Web Services, Microsoft Azure, Google Cloud, IBM Cloud, and Oracle Cloud
- Flow data from the physical and virtual devices you have already deployed in your network (such as routers, switches, and gateways)
Fusion then enriches the metadata with additional context labels and tags from your tech stack, including source autonomous system information, GEO location information, bit rates, packet rates, destination autonomous number and DNS lookups, and next hop information.
It also adds context from Active Directory, asset management, CMDB, EDR, NDR, XDR, and vulnerability management systems, including last user, asset owner, MAC address, asset classification, agent version, group, vulnerability count, and CVSS rating and score.
Remove Blind Spots and Barriers Caused by Siloed Data and Teams
Fusion integrations make your technology investments more valuable and your teams more effective because it standardizes and centralizes context contained in isolated applications and services distributed across your existing tech stack.
Your teams can quickly customize the preconfigured detection models and dashboards to query the data and visualize the specific activity they want to monitor, instead of sifting through mountains of low-value alerts looking for relevant data.
Integrations also accelerate your investigations because analysts don’t have to request access to different tools or involve other teams to have critical context at their fingertips. The enriched metadata enables them to pivot quickly between dashboards to investigate or correlate activity. They can also review the historical metadata to understand the scope and duration of any activity.
“My IT teams love Netography. We purchased it for a complete security use case, but it’s being used every day to find gaps in our system, misconfigured routers, and bandwidth issues. That was not part of the equation when we signed up, but it has certainly become a day-to-day operational thing that our teams are using.”
– Troy Wilkinson, CISO, Interpublic Group (IPG)
Ready for a demo?
See Netography Fusion in action
The Fusion platform integrates with your tech stack to create the enriched metadata that accelerates your ability to detect, investigate, and respond to anomalies and threats faster
More Effective Response Workflows via Integrations
The Fusion platform enables you to implement a range of response workflows in real-time. You can initiate response from within the Fusion platform directly, or via built-in integrations with a range of technology partners, including EDR and XDR systems, and SIEM and SOAR platforms.
- Push alerts to communication applications for distribution to diverse teams for faster notification
- Send alerts to AIOps and IT management systems for automated remediation workflow management
- Forward alerts to SIEM and SOAR platforms for correlation with alerts from other security events to improve their detection fidelity
- Quarantine devices exhibiting malicious activity using integrations with EDR or XDR tools
- Block or redirect traffic from threat actors or reroute traffic for further analysis automatically using BGP, RTBH, Blocklist Manager, Flowspec over BGP, API and DNS orchestration
- Change thresholds and fine-tune traffic rerouting with scalpel-like precision
Well-documented RESTful APIs give you the ability to automate workflows with your tech stack as well, and Fusion also supports Terraform to enable you to automate the ability to provide visibility and control for scaling infrastructure.