The Best Detection & Response Tools Against Internet Attacks

Post by Neelesh Patel

Why Net Friends Relies on Cortex XDR and Avanan Complete

For literally decades, the folks who sit behind the desks at Security Operations Centers around the world have looked for network attackers using something called Indicators of Compromise (IoC). An IoC is like a piece of evidence that a crime was committed – a broken window or a bloodstain. On a network, an IoC might be a new file that shouldn’t be there, or a log entry showing contact with a known-malicious IP address. But there’s one thing all IoCs have in common: they all capture information after the fact. The crime has already occurred. You’re just cleaning up afterward.

When Net Friends security experts designed the security elements for our NetVisor and MDR services, we knew our customers wouldn’t be satisfied with getting calls to let them know their confidential data had already been breached. We needed to stop attacks while they were in progress.

That’s why we turned to Cortex XDR and Avanan Complete, two cutting-edge platforms from security firms recognized by Gartner as leaders in their field. Both use a new kind of IoC, sometimes called “behavioral IoC,” to block attacks in real time by detecting suspicious activity as it happens.

Avanan Complete for Detection and Response

Avanan Complete secures our customers’ cloud-based communications, including email, chat, virtual meetings, and file sharing. This MDR solution uses machine learning to build a map of how each company communicates: who talks to whom, who shares what files, where key users log in from. When it detects activity and user behavior that departs from those patterns, Avanan Complete can shut that activity down instantly until a human can investigate to make sure there are no cybersecurity risks.

Cortex XDR For Online Protection

Cortex XDR secures our customers’ laptops and workstations. It monitors the operating system and network, looking for patterns of activity that trip any of the hundreds of rules supplied to us in real time by a global network of security organizations. By recognizing suspicious computer behavior as it happens, Cortex XDR can block so-called “zero-day” attacks, which are so new to the threat landscape they haven’t even been named.

Cortex XDR also goes beyond rules and definitions by testing suspicious files it identifies in a proprietary “sandbox.” This virtual environment is hosted in the cloud by Cortex’s developer, Palo Alto Networks. Like a cyber-bomb-squad, Palo Alto will attempt to “detonate” the file by executing it to see what it tries to do. If the file tries to trigger unauthorized events, Cortex XDR will create a new rule for that file on the fly to prevent any other workstation from running it.

This potent combination allows Net Friends to offer our small business customers enterprise-grade cybersecurity plans without enterprise pricing. If you’re outsourcing your network security, find out what your vendor is doing for real-time detection and response to internet attacks – that is, unless you’re not in any hurry to find out.
