Gigamon ThreatINSIGHT

Cloud-native, high-velocity NDR built by responders for responders.

NEW  ThreatINSIGHT Named Cyber Catalyst℠ Designated Solution by Leading Cyber Insurers. Read Report

Reduce Risk in Highly Dynamic Environments

Today’s networks are changing fast, and employees, devices and infrastructures are more distributed than ever. Gigamon ThreatINSIGHT™ is the first cloud-native, high-velocity network detection and response (NDR) solution that’s purpose-built to enable you to get in front of this transformation.

  • Find hidden network threats. Discover threats in encrypted communications and improve your overall security hygiene.
  • Automate security investigations and responses. Prioritize and rank incidents to focus on the riskiest incidents and assets.
  • Optimize security workflows and tracking. Go from reactive to proactive tracking and mitigation, tracking threats even during change.

Empower Security Teams

Gigamon ThreatINSIGHT accelerates network detection and response (NDR) with a cloud-native platform that provides threat activity detection, and the data and context needed for cybersecurity response and investigation.

Unequaled Visibility

High-Fidelity Threat Detection

  • Leading machine learning, threat intelligence & behavioral analysis detection techniques from Gigamon Applied Threat Research
  • Accelerated threat detection and automatic risk scoring across the MITRE ATT&CK framework

Rapid, Informed Response

  • Fast omnisearch capability to investigate any vector through extended timeframes
  • Powerful threat hunting, full investigation & incident management workflows
  • Case evidence to enable informed response decisions

ThreatINSIGHT provides incident investigation and response teams a way to operationalize critical data, necessary to defeat active threats in today’s rapidly changing environment. Using ThreatINSIGHT you can:

  • Improve your security posture by identifying out-of-date protocols and certificates.
  • Detect suspicious DNS and SSL traffic associated with emerging threats through machine learning.
  • Automate risk calculation and incident prioritization to free your teams to focus on high-priority incidents with less effort.
  • Ease security deployment with zero-touch visibility into new network segments within minutes.
  • Expose hidden threats with centralized TLS 1.3 decryption, using Gigamon Visibility and Analytics Fabric™.
  • Track historical threat activity on devices, regardless of change.
  • Get vast access to enriched metadata for purposes of industry reporting or deeper threat investigative activities.
  • Enhance investigation workflows and find relevant details faster.
  • Improve threat hunting by isolating key threat behaviors and changing from reactive detection to proactive hunting and mitigation.


Categorize threats according to their risk to your environment and use risk scoring to prioritize response. Correlate threat activity on a device and extend your investigation across all of your impacted devices.



Leverage powerful omnisearch capabilities to rapidly query network events during investigations. Get context with entity enrichment and historical information about every observed asset in the environment, whether its on-premise or cloud or both.



Proactively search your environment for hidden threats and build custom dashboards to quickly query data and isolate threat activity. You can choose from multiple visualizations to spot outlier data as you hunt.


Threat Detection Methodologies

Gigamon ThreatINSIGHT provides security teams transparent, high-quality, actively managed detections.


2020 Gartner Market Guide

Gigamon ThreatINSIGHT Representative Vendor in Network Detection and Response Report


Forrester Now Tech: Network Analysis and Visibility

Learn why NAV technology is critical for asset management, network detection and Zero Trust.

Gartner peer insights

“ThreatINSIGHT Gives You Visibility You Didn't Know That You REALLY Need To Have.”

“We've had Gigamon ThreatINSIGHT installed and running for 3 years now. It's given us visibility into our networks that we were essentially blind to before. The value add that it provides is not only on the cybersecurity side of things, but there's tremendous value to operational IT as well. Being able to query your network history via a SQL-like language is incredibly powerful, and being able to add custom alerting using the same language is a killer feature.”

Director Of Information Security in the Retail Industry

The Gartner Peer Insights Logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences, and do not represent the views of Gartner or its affiliates.

Applied Threat Research Team

Gigamon ThreatINSIGHT is supported by the world-class Gigamon Applied Threat Research (ATR) team, delivering leading-edge detection capabilities.

ATR experts actively hunt for threats and study their behavior in the wild and throughout customer environments. They also develop detection capabilities and conduct security research to advance the state of detection capability — complete with full rule descriptions, justifications and logic — to help protect your organization.

ATR team

Discover More

Visit our NDR Resource Center for the latest threat research, white papers, webinars, reports and more.

Related Pages



Gigamon + ThreatINSIGHT

See how ThreatINSIGHT is even better with Gigamon visibility.

Visibility Analytics and Fabric


Cloud Visibility and Analytics Fabric

Close the cloud visibility gap with a complete solution.




Optimize traffic sent to your tools.

Zero Trust


Securing Sensitive Data Assets

Access network data with ThreatINSIGHT to support your Zero Trust journey.