Hidden within the high volume of network communications from remote workers, corporate networks, and cloud instances there are small yet rich security insights available if security teams know how and where to find them. With Vectra, security teams can reduce the workload associated with such detections and analysis to increase their efficiency and effectiveness.
Using Lucene searches, organisations can quickly and easily explore the full-fidelity network security metadata, and even turn those searches into custom detections.
The same source security metadata is also analysed by Vectra’s automated attacker detection capability to surface indicators of hidden attacks in real-time that are active inside the organisations’ perimeter defences.
The Vectra platform is an AI-driven threat detection and response solution providing the fastest and most efficient way to see and stop cyberattacks. It is used by customers around the globe to see and stop attacks across hybrid and cloud-native apps, AWS and Azure environments, software-as-a-service SaaS applications such as Microsoft 365 using Identity as well as on Azure AD, in datacentre workloads, IoT, and everywhere expanding across enterprise networks.
Vectra prioritises threat behaviours that pose the highest risk to organisations, providing actionable data and automated response so security teams are always certain where to start hunting and investigating.
Vectra also allows all detections, host, account scores and metadata to be accessed via APIs and strives to be a partner while being vendor neutral. This enables security practitioners to leverage best-in-class solutions to build world-class security infrastructures at true enterprise scale.
Vectra prioritises threat behaviours that pose the highest risk to organisations
Vectra can detect this malicious intent by analysing how hosts, accounts, roles, and workloads are being accessed and how they interact in an organisations’ Microsoft 365 environment as well as any federated SaaS application using Azure AD.
Analysing data from both identity provider IdP services and cloud applications, custom machine learning models detect tell-tale attacker behaviours earlier in the kill chain. This gives security analysts a complete picture of their entire network and allows them to monitor accounts for compromise and insider threats.
Vectra seamlessly integrates with SaaS applications including Microsoft 365, SharePoint, OneDrive, Teams, and Exchange, as well as cloud Identity Providers, like Microsoft Azure AD, giving complete visibility into who is accessing them, regardless of how and from where.
Vectra platform is an AI-driven threat detection and response solution providing the fastest and most efficient way to see and stop cyberattacks
By integrating with public cloud providers including Amazon Web Services AWS, and private cloud virtualisation platforms, and focusing on the control plane, Vectra detects attacks, regardless of if they target the resources individually or the instance itself.
By combining industry-best data science with security research to detect, prioritise, and stop attack campaigns, security teams get only the critical security events that matter and detailed help with how to fix them, and DevOps can deploy applications with speed and confidence knowing their environment is protected.
The Vectra Cognito platform enriches both cloud logs and network metadata with usable information like hostnames, so security teams can keep track of hosts as their IPs change, in addition to users as they authenticate between cloud and on prem workloads.
Patented machine learning models focusing on privileged access keep track of accounts, roles, and identities and how they normally behave, which translates to detection of account takeovers, privilege escalations, and credential abuse. This allows Vectra to give security professionals a complete view of attackers, and how attacks progress, regardless of where it starts, moves, and stops.
As a consequence of these investments in the channel, Vectra saw 40% year-on-year sales growth through its regional channel in 2021 and our METNA partners enjoyed growth of 90% over the same period, with deal registration rates rising by 300%.
Vectra allows detections, host, account scores, metadata to be accessed via APIs, striving to be vendor neutral enabling practitioners to build enterprise scale.