Did an NDR (Darktrace, Vectra etc) actually protect you from a real malicious activity?

I'm the ISO of a small financial company and my management asked me to evaluate an NDR.

Building manual, scheduled alerts on Splunk, I don't feel very confident I've covered all possible attack scenarios.

An NDR with its dynamic, real time alerts seems the perfect missing piece. (We already have EDR, email security, proxy etc)

My only question is, does an NDR actually give you a peace of mind that it will block any possible malicious network activity?

Has it …

alerts attack cybersecurity darktrace don dynamic etc financial iso malicious management missing ndr perfect protect real time splunk vectra