CounterSnipe: The most complete Network Detection and Response (NDR) system on the market

CounterSnipe started life as an Intrusion Prevention System(IDS/IPS) with an easy to use management GUI. The software has grown over time, with a lot of feedback and input from our customers. Today it  includes over 40 network and change detection utilities in order to deliver an intelligent Network Detection and Response (NDR) system. 

NDR : In 2020 Gartner created a new category called Network Detection and Response or NDR The new name does explain a software that does way more than just IDS better. A software that includes many other applications and detection mechanisms than just using an IDS engine.

CounterSnipe have included so much into what originally was developed as an Intrusion Detection System that NDR does really make sense.

We have been at the forefront of this NDR market without using the term itself. In practice it has two components or sections/areas.

ND is all about Network Detection. The more network detection the ND components of the NDR software do, more intelligence it will possess for making Response decisions.

CounterSnipe ND has grown over the last 10 years. This re branding did not mean that we had to start thinking of what new to add. Here is a list of what our ND components currently delivers. We have included the year we added them to show their maturity;

CounterSnipe Network Detections (NDs)

  • Threat, Exploits, Worms discovery 2008

  • Automated Asset Detection 2012

  • Passive Application discovery 2013

  • Real time Asset Information 2014

  • Malware Detection 2015

  • MAC based end point Detection 2015

  • Automated Server Posture Detection 2016

  • Country based access Detection 2019

  • Unauthorized access Detection 2020/1


In addition to all of the above the effectiveness of an NDR further enhances with some built in Artificial Intelligence (AI) and the inclusion of Anomalies.


In its simplest form Anomaly Detection can be defined as ability to detect deviation from norm(al) behavior, access, pattern on a given network. Since each network differs, the ability to Anomaly Detect is not something that can be preconfigured.


CounterSnipe NDR includes a number of ways to detect anomalous network traffic. These include time, usage, access and other factors based anomalies.

CounterSnipe NDR key features include;

  • Intrusion prevention

  • Intrusion detection

  • Malware Protection

  • IPS event analysis

  • Passive Application detection

  • Asset detection

  • Asset change detection

  • Missing Asset Alert

  • New Asset Detection

  • Automatic port scanning

  • Threshold based alerting

  • Timed scanning

  • Application aware IPS rule set

  • Event-Asset-Vulnerability correlation

  • One click policy creation and deployment

Lets talk most comprehensive NDR

When Evolution Really Pays; IDS/IPS then More than IDS/IPS, then IDS/IPS, Malware, Asset Detection then thanks to Gartner...we have a definitive name for what we have been delivering for few years... NDR or Network Detection and Response system.

"According to Gartner 70% of the security breaches occur due to intentional or unintentional misconfigurations."

CounterSnipe helps you detect those changes in real time and adjust the protection accordingly.

Managing IDS rules is easy as abc....view, decide and deploy (One of the many easy to use screens of TMC)

Some basics:

Our Product: CounterSnipe APS - A Comprehensive Network Detection and Response (NDR) System.

Licensing: Based on number of Installations. Perpetual or Subscription.

RTM: Sold exclusively via MSPs and VARs worldwide. 

Supported Platforms: Any physical or Virtual/Cloud system capable of supporting Linux.

Key Benefits:

  • Active protection from Malware and Intrusion

  • Control and monitor access with bespoke rules/policies for your own specific requirements.

  • Wider security implementation by multiple sensor deployment

  • Better security by correlation of network based security events as opposed to a single point.

  • Easy to review security by asset grouping

  • Enhanced compliance by automated scanning of assets(pcs/servers) and real time security.

  • Detailed and automated IDS/IPS event management by correlating IPS events with auto discovered change in networked assets.

  • Automated Risk Data updates with IPS and Malware rules 

  • Automated deployment ( eg can set it to deploy new rules at mid-night every night)

  • Real time network security by daily updates of Vulnerability Database including links to NIST CVE information. 





Need More Features? CounterSnipe NDR is probably the most comprehensive Network Detection and Response Software on the market, all because we have been listening to our customer requirements for years. If there is something you require for your particular network and we don’t currently show that, tell us. If it is technically possible, we promise to implement and deliver what you need. That’s our commitment.

Comprehensive Health Services Logo