Artificial Intelligence & Machine Learning , Network Detection & Response , Next-Generation Technologies & Secure Development

Netography Brings Data Science, Detection to Monitoring Tool

CEO Martin Roesch Says Netography Can Detect Anomalous Behavior Without Human Help
Netography Brings Data Science, Detection to Monitoring Tool
Martin Roesch, CEO, Netography (Image: Netography)

Netography has added more detection features and data science capabilities to help large enterprises better understand what's on their networks, according to CEO Martin Roesch.

See Also: Webinar | Accelerate your SOC with AI-driven security analytics with Elastic and Google Cloud

The Annapolis, Maryland-based company over the past 12 months has quintupled the amount of data ingested into its system without any hiccups and continues to provide users with a sub-second response time, according to Roesch. He said Netography's system continues to be responsive even with more data being thrown at it (see: CISA Warns of Increased DDoS Attacks).

"What Netography has done is build a high-scale data analytics platform that takes data in, analyzes it in real time from these enterprises and decorates it with context about the environment," Roesch said.

Netography has doubled down on context-based detection, allowing organizations to label and set rules for systems, security groups and locations. For example, it can ensure that devices in one building can't talk to devices in another building or that activities on the CFO's laptop are greatly restricted, he said. Users can now ask contextually relevant questions and have their system describe behaviors and activities in the environment, he said.

Doubling Down on Detection

Roesch has invested a lot in having Netography's system inform itself about what it's observing by tapping into context from external data sources or vulnerability management products. Building a self-driving system that can inform itself will save customers time and result in less work for everyone else, according to Roesch.

"The more you ask your users to do, the harder it is for them to get value out of the system."
– Martin Roesch, CEO, Netography

From a data science perspective, Roesch wants Netography to move from a statistical approach that crunches data to look for deviations in norms to a behavioral-based approach that spots abnormalities based on the activity that's occurring in the system. Netography's machine-learning technology can figure out which behaviors are benign without users having to describe them to the company, he said.

"There's a fine line between statistics and machine learning, and we're crossing the fine line," Roesch told Information Security Media Group. "We're getting more capabilities around describing behaviors without having to have users describe them to us - which is much more of a deep-learning activity - and looking for changes from normal interactions that we see in the environment."

Roesch said deep learning is pretty difficult to do, especially if humans aren't looped into each step of the process. By building a system that course-corrects itself, humans no longer have to be the sole source of truth or continually massage the data as required with intrusion prevention or detection systems, Roesch said.

"The more you ask your users to do, the harder it is for them to get value out of the system," Roesch said. "And the whole point of the Netography approach is to be a low-friction system, something that is very self-driven."

Surveying the Competitive Landscape

Netography competes against everyone from "old-school companies" such as Cisco to network operations center tools such as Plixer and network detection and response vendors such as ExtraHop, Vectra and Corelight, Roesch said. Virtually all competing products are built on a hardware platform that requires a constant curation cycle, while Netography is a pure SaaS system with no deployment required, Roesch said.

Roesch sells primarily to Fortune 1000 enterprises in North America in verticals including finance, technology, utilities, aviation, electronics, food and beverage, freight and logistics, and media. He said Netography's low-friction deployment shines in organizations where there were previously headaches with network monitoring, and it appeals to disaffected users of appliance-based technology, Roesch said.

From a metrics standpoint, Roesch said, he focuses most closely on annual recurring revenue, number of customers, headcount, marketing conversion and pipeline growth. To track Netography's sales pipeline, the firm uses sophisticated internal processes that quantitatively track what gets into the pipeline, how it's progressing through the funnel and the quality of customer experience.

"Large enterprises many times have OT environments as well as IT and cloud environments," Roesch said. "Being able to treat them as one thing instead of having separate technologies for each area with different teams and different languages and different everything gives people a much better handle on what's going on in their enterprise."

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.