LAYER 1.1 // XNDR
Managed XNDR + Network Scanner

360° visibility across every device on your network.

Threat detection built on network metadata analysis — DNS, NetFlow, firewall logs, proxies. We see what EDRs don't: IoT, printers, cameras, unmanaged devices. Complemented by an inside-out Network Scanner that continuously maps your network topology.

  • 1000+ behaviour rules (MITRE ATT&CK)
  • 360° network visibility (incl. Shadow IT)
  • 0 external scanners required

360° network visibility

XNDR sees all traffic — including devices (IoT, printers, cameras) that have no EDR agent.

Lateral movement detection

We catch lateral movement and C2 communications — even when the attacker bypasses EDR.

Content & DNS filtering

Malware, ransomware, cryptojacking, DNS poisoning, phishing, typosquatting — filtered at the source.

Blast radius analysis

Breach-scenario simulation on the topology map — which devices and users are exposed if a node falls.

Your network, mapped in real time

The Network Scanner actively maps your topology from “inside-out”, using only your managed endpoints — no external scanners required. It automatically detects Shadow IT, monitors Port Drift for new or unauthorized services, audits persistence mechanisms, and correlates user sessions with nodes.
Who is logged in where, which ports opened without authorization, which startup entries appeared yesterday — continuous baseline comparison and risk scoring, without burdening the network.

What's included

  • Metadata Analysis (DNS, NetFlow)
  • Multi Intelligence Sources
  • Malicious Behaviour Protection
  • Content & Traffic Filtering
  • Reputation Service
  • Topology Map
  • Port Drift Monitoring
  • Blast Radius Analysis
  • User Session Tracking
  • Persistence Monitoring

Objectives

  • Detect threats that bypass EDR
  • Visibility into unmanaged & IoT devices
  • Prevent lateral movement
  • Reduce MTTD/MTTR
  • Document blast radius

NIS2 alignment

Continuous infrastructure mapping, Shadow IT detection, and persistence auditing constitute documented evidence of appropriate technical & organizational security measures — a core requirement of the directive.

Request a demo of Datatrek XNDR