Security Overview

Cloud-Native Evidence Fabric Dashboard

Active Alerts

47

12% vs last hour

Network Flows

2.4M

8% vs yesterday

Risk Score

72

5% vs last week

Active Collectors

5/6

Network Flow Volume (chart: Flows, Data Transfer, Egress, Ingress)
Recent Alerts
Lateral Movement: SSH from SASE to K8s Pod (critical)
Source: alice.admin@lawfirm.com (192.168.1.50)
Destination: payroll-db-0 (10.0.2.15:22)
T1021.004 | open | 10:00:00 AM

Data Exfiltration: Large Egress to Unknown IP (critical)
Source: test-app-xyz99 (10.0.5.10)
Destination: 203.0.113.50:443
T1041 | investigating | 9:15:00 AM

DNS Tunneling: High Entropy DNS Queries (high)
Source: payment-processor-abc12 (10.0.2.25)
Destination: 8.8.8.8:53
T1071.004 | open | 9:30:00 AM

East-West: Frontend Direct to Database (high)
Source: compromised-pod-abc (10.0.1.50)
Destination: postgres-primary-0 (10.0.4.100:5432)
T1021.004 | open | 8:45:00 AM

Privileged Pod External Connection (medium)
Source: kube-system/calico-node-xyz (10.0.0.5)
Destination: 198.51.100.10:443
T1071.001 | resolved | 8:30:00 AM
Risk Distribution
Critical: 12
High: 28
Medium: 45
Low: 120
Collectors Status

aws-collector-useast1 | us-east-1 | 2.4 GB/s | active
aws-collector-uswest2 | us-west-2 | 1.8 GB/s | active
k8s-ebpf-prod-01 | prod-eks-01 | 3.2 GB/s | active
k8s-ebpf-dev-01 | dev-eks-01 | degraded
azure-collector-eastus | eastus | 1.5 GB/s | active
gcp-collector-uscentral1 | us-central1 | offline