Reasons why organizations are choosing a new breed of NDR



It’s noteworthy. In just seven years, our self-funded cyber security company has managed to secure 90 percent market share in a big economy like France, despite competing directly with a brand like Thales.

The strain of expanding digital estates and the sophistication of cyberattacks were exacerbated by the uptick in the demand for Cloud and remote working created by the Covid-19 pandemic. This has led to an inflection point for the effective management of cyber risk.

Organizations not only need to stay technically ahead of the curve, but they need to do so with a commercially viable solution that supports the fatigued human assets serving at the front line of the cyber conflict. Now expanded into the UK, the Nordics and Germany, an increasing number of businesses, government institutions, and financial institutions are turning to our new breed of network detection and response (NDR) technology.

Here are some reasons why

Keeping pace

The cybersecurity space is ripe for evolution. The volume of cybersecurity alerts is climbing upwards, but technology budgets need not. To keep pace, organizations need more holistic cyber security coverage, with state-of-the-art technology – at a fraction of the cost.

Enter Gatewatcher that delivers superb outcomes with an unprecedented functionality proposition, that optimise costs.

SOC fatigue

On average, companies with over 1,000 employees maintain about 70 security products from 35 different vendors, according to a report by CCS Insight. As if that wasn’t challenging enough by itself, some solutions are creating an impractical scale of alerts, such as false positives. At this point, it becomes clear that the increased management overheads start to negate the advantages of the tech.

The end results? Security operations center (SOC) teams that are contending with an unmanageable volume of alerts. According to an ESG¹ study, a shocking 44 percent of these alerts go uninvestigated due to a combination of talent scarcity and the multiplicity of security solutions generating a huge volume of alerts.

This kind of cybersecurity fatigue not only creates huge cyber risk but impacts the already struggling talent pool of human cybersecurity assets. It is time to not only take care of the wellbeing of these individuals, but to equip them with more effective, usable data – liberating them to do the work that humans do best.


Doing more with less is on the agenda of just about every Chief Information Security Officer (CISO) I speak to. So, to assist with uncorking the bottleneck of cyber alerts, we have engineered our solutions to deliver the same outcomes (as our peer technologies), with a better detection rate. According to our customers a reduction in false positives results in SOC analyst using 30 percent fewer resources. Only an evolution in cybersecurity provision will adequately support organizations through the acute inflection point they are experiencing.

James Bond on the network

Simply put, cybersecurity technology needs to get better. Organizations need 007 on their network.
In practice, this means a 360-degree overview through a map of users and assets to detect and track threats.
Gatewatcher’s machine learning (ML) capability allows organizations to analyse network traffic at a packet level. Zeros and ones never lie. Most NDR technology doesn’t capture that intelligence so holistically. Gatewatcher catches the entire network and analyses it to understand the metadata and malicious behaviours.
It is one of the reasons that we were one of the few cybersecurity vendors to catch SolarWinds, the largest and most sophisticated attack the world has ever seen.

Technical pathway

How do businesses know if they’ve backed the right horse when it comes to cyber infrastructure? I think there are a few clues.

Firstly, it is worth reviewing current and future analyst reports such as Gartner’s market guides. The first challenge is to define what NDR is, and what it ‘should’ do. This is a critically important point because of the number of cybersecurity vendors in the market claiming to have NDR, that upon closer inspection – don’t. The Gartner definition is, as you might expect, a sound reference point. And Gatewatcher aligns itself to that.

Secondly, I’m an engineer. When I joined the Company a few weeks ago, it didn’t escape my notice that 70 percent of the employees here are engineers too. Beware the cybersecurity vendors that operate as marketing engines. Gatewatcher on the other hand consistently spends 45 percent of revenue on research and development. We’re a faster fish. And agility matters in the increasingly perilous world of cyber risk.

There is a reason that we are one of only two companies certified by the French government to provide national critical infrastructures with detection technology. And that’s why it is us leading, standing shoulder-to-shoulder with organisations adopting a new breed of NDR technology.


¹ESG: Security Analytics and Operations: Industry Trends in the Era of Cloud Computing 2019.


Author : Adrian Jones – UK Country Manager