ADRA NDR was designed with rapid testing and investigation at its core, integrating multiple detection, analysis, and response features. It can detect ransomware lateral movements within local area networks and block suspicious activities to assist enterprises and businesses in preventing sensitive data leakage and mitigating ransomware diffusion in your local network.

Active detection

The ADRA appliance checks specific network packets passing through the switch for suspicious activities. A Threat Trap is a Virtual Machine simulating several common services as a lure for malware to attack. Once an attack is initiated, the suspicious activity can be detected by ADRA NDR.

Automated analysis

When suspicious activities are detected, network traffic packets are analyzed through Deep Threat Analysis and Threat Correlation Analysis to determine the malware attack type and evaluate its associated risk levels.

Automated Isolation

ADRA NDR automatically notifies or blocks infected devices once a threat is defined as medium or high risks, while ensuring the connections of other devices. When suspicious activities are captured by Threat Detection, ADRA NDR directly notifies or blocks infected devices without analyzing process.