Monitor and detect network intrusions in real time


TEHTRIS is recognized as a representative vendor in the Market Guide for Extended Detection and Response 2021.

Why choose NTA?

24/7 monitoring and detection

NTA covers 100% of your network flows: industrial, IT and OT networks. All abnormal activities are automatically detected thanks to signature and behavioral analysis.

Directly integrated into the XDR Platform

Give your analysts more context with NTA. Our NTA is integrated in the TEHTRIS XDR AI Platform, so that you can use all of our augmented technology: SOAR, CTI and CYBERIA.

Accelerated decision-making

Automate the monitoring of your networks and the detection of anomalies within your network traffic. The time saved allows your teams to respond faster to attacks.

NTA monitors your network flows 24/7, whether they are inbound or outbound flows. Suitable for industrial, IT or OT environments, you choose the monitoring and detection perimeter to suit your needs.

NTA automatically detects any anomalies in your flows, thanks to a database of over 80,000 qualified rules. Analysis of network signatures and behavioural analysis by our CYBERIA artificial intelligence reinforces the detection of suspicious activity and the protection of your networks.

Integrated into the TEHTRIS XDR AI Platform, NTA automatically alerts you directly on the platform in the event of an anomaly to complete your contextualisations.

Our sensors are strategically placed on your most critical perimeters, to ensure optimal monitoring and detection.

Quickly installed, NTA is deployed according to the needs of your infrastructures (number of sensors, location, …). The deployment of our sensors on your networks does not interrupt your activities or modify your existing systems.

Our sensors capture your traffic through port mirroring or network TAP. In case of abnormal or suspicious activities, alerts are automatically sent to the TEHTRIS XDRAI Platform.

NTA is integrated in the TEHTRIS XDR AI Platform and gives you full visibility on your networks. As soon as an anomaly is detected on your networks, alerts are automatically sent to the XDR Platform.

Make your decision-making faster and easier by customizing your dashboards on the TEHTRIS XDRAI Platform. Many options are available to monitor your alerts in real time: severity level, IP source, IP destination, and others.

The Raw Data view synthesizes all the logs collected on your network by NTA. Add the collected raw data to your forensic analysis and deepen your investigations with your network’s activities history.

Integrated in the

When it comes to cybersecurity, orchestrating events and reacting to threats quickly and effectively is a fundamental challenge. One of the best ways of achieving this is to use powerful automation tools and artificial intelligence. This is what TEHTRIS offers you with its SOAR integrated into the TEHTRIS XDR Platform.

Discover how we create hyper-automation!

Certified and recognized by
many actors of the cyber world

Leading cybersecurity authorities, analysts and associations recommend TEHTRIS solutions

MITRE ATT&CK compliance

MITRE ATT&CK is a knowledge base with a model of the behavior of a cyber attacker, reflecting the different phases of the attack life cycle according to the targeted platforms: Windows, Mac, Linux, mobile, etc.

Discover the compatibility of TEHTRIS XDR AI PLATFORM

< 1

day to deploy a NTA appliance, with sniffers and alarms configured

< 24h

permanent updating of detection rules without human intervention


detection rules covering all ranges of attacks from industrial to corporate networks


Preserve the sovereignty
and integrity of your data

Since 2010, TEHTRIS innovates and improves
its cyber defense solution, through the
different modules of the TEHTRIS XDR AI PLATFORM.

Choose the European leader in cyber security!


What functions does NTA offer?

NTA offers several functions, with two main areas of focus: network intrusion detection (NIDS) and network forensics.

What network protocols are monitored?

We monitor all possible standard network flows, from Layer 3 to Layer 7.

Do you have functions for the analysis of encrypted flows?

We have the ability to detect the use of suspicious certificates used in particular by many backdoors that try to filter out in an encrypted manner.

Does the appliance have a netflow collector?

NTA builds its flow collection directly in the same spirit as NetFlow, keeping the metadata related to the communications between the different devices.

Where should the NTA probe be positioned?

It is advisable to position analysis on strategic points, such as the entry/exit part of a sensitive network.