First there was SIEM and NDR. Now there’s next-gen SIEM and modern NDR.

Before you dismiss next-gen SIEM and modern NDR as marketing malarkey, suspend your disbelief for 15 minutes and watch this short interview with ExtraHop Chief Product Officer Kanaiya Vasani.

Vasani describes how the modern NDR platform from ExtraHop provides a totality of coverage compared to traditional NDR offerings. He distinguishes modern NDR from traditional NDR by the breadth of use cases that modern NDR supports. Where traditional NDR is known for performing behavioral analysis on network traffic, modern NDR does that and more. It includes IDS, packet forensics, network performance, asset visibility, attack surface management, and cloud detection and response out of the box, no integrations required.

In the interview, Vasani also indicates that some serious, automated threat detection and response capabilities are coming to security operations centers (SOCs) via next-gen SIEM. Next-gen SIEM delivers on the long unfulfilled promise of using a SIEM for threat detection and response. Where traditional SIEM never got beyond basic batch-process log aggregation, next-gen SIEM automatically correlates and enriches endpoint, network, and other security telemetry and detections in real-time and at cloud scale. Next-gen SIEM also applies artificial intelligence and machine learning to drive real-time correlation and detection and embeds SOAR capabilities to fuel real-time remediation.

Finally, you’ll understand the role of modern NDR in powering next-gen SIEM alongside endpoint detection and response (EDR). You’ll hear how it’s essential to defense in depth and in accelerating incident response. NDR is the only security technology capable of providing organizations with the definitive truth about what’s happening on their network and whether any data has been compromised. But to enable this level of visibility, an NDR solution must combine NetFlow with full packet capture, decryption, protocol fluency, and cloud-scale machine learning.