The Evolution of NDP: Finding Our Fit in the Technological Landscape

By Barrett Lyon, Co-Founder and Chief Architect

As security technology continues to evolve and reshape the way we do security, and as the network becomes more of a mystical, ephemeral concept than wires, switches, and fiber, new terms and categories need to emerge that better describe the current state of our industry. One such term that has recently gained traction is NDP, or Network Defense Platform.

What is NDP?

NDP, or Network Defense Platform, is a holistic approach to securing and managing digital infrastructure. Unlike traditional security solutions such as NDR (Network Detection and Response) that focus on packet capture and physical networks, NDP aims to provide an all-encompassing platform that integrates multiple components of the network: cloud, network metadata, and traditional network components such as firewalls, switches, and routers, and brings them into a single place. This includes threat detection, extreme data visualizations, response strategies, and even proactive defense mechanisms that can predict and mitigate risks.

You can’t protect what you can’t see. We place a strong emphasis on security-focused data visualization, striving to present or synthesize what we believe is crucial for network and security professionals. This advanced level of data visualization is essential to help individuals understand the location and nature of events, providing a tangible perspective on our dispersed service layers (i.e., Atomized Networks: highly distributed and fragmented). What sets us apart is our ability to do this in real time and with so many different methods, without the customer doing any real lifting.

In simpler terms, NDP is like a guardian of the digital realm, constantly watching, analyzing, and defending the network from potential threats. It’s not just about detecting and reacting; it’s about being a step ahead in this ever-evolving game of cyber cat and mouse.

Our Journey to NDP

Five years ago, co-founder Dan Murphy and I found ourselves at a crossroads. Our innovative patents, which we now recognize as a precursor to NDP, didn’t seem to fit neatly into any of the existing NDR technological categories. We were pioneers, but we struggled to label our creation in a way that encapsulated its breadth and depth.

Our first attempt at giving ourselves a title was (U.S. Patent No.: 11,683,343) “DISTRIBUTED NETWORK AND SECURITY OPERATIONS PLATFORM”, which, while accurate, felt too verbose and lacked the punch we desired. As we put it in the patent application:

“Existing architectures for network operations and security operations of private networks have suffered substantial scalability setbacks due to having limited computational resources while facing more complex and ever increasing amounts of traffic, encryption, storage, rulesets, etc. Thus, an improved network and security operations service is needed.”

Our second patent’s title, (U.S. Patent No.: 11,711,398) “DISTRIBUTED NETWORK SECURITY SERVICE”, was closer to the mark, but it still didn’t fully capture the essence of what we had built.

Now, these patents are issued, and with the evolution of the term NDP, it feels like the puzzle pieces are falling into place. Our patent, with its focus on a distributed approach to network security and operations, aligns seamlessly with the principles of Network Defense Platform, which we offer as Netography Fusion.

Why We Built the NDP Mold

Reflecting on our journey, it’s evident that our vision has always been in line with the NDP ethos. Here’s why:

Distributed Nature: The distributed aspect of our product emphasizes flexibility, scalability, and resilience—essential traits for any modern Network Defense Platform.

Metadata-Based: With an encryption-agnostic architecture, we can deliver granular visibility of network activity and anomalous activity regardless of encryption.

Live Detections: Unlike today’s data lake, which is a store-and-search method, we do detection in real time, in memory, which doesn’t require heavy query time or expensive searches.

Wide breadth of integrations: We integrate with CrowdStrike, SentinelOne, SumoLogic, Wiz, and many others to provide detailed context and integrated notification and workflow.

Pure SaaS: There’s nothing to deploy; we “live off the land” of the exhaust data, both in Flow and in cloud pipelines that are rapidly evolving.

Embracing the Future with NDP

The landscape of technology and cybersecurity is in perpetual flux. While five years ago, we felt like outsiders trying to define our niche, today, with the advent of NDP, it’s clear that we were simply ahead of our time.

Now, with a defined category that resonates with our vision, we are excited to push the boundaries even further. The rise of NDP confirms our belief in a comprehensive, proactive, and distributed approach to network security.

In embracing NDP, we’re not just fitting into a category; we’re leading the charge, fortified by our years of experience and pioneering spirit.