Vectra AI has announced deep product integration with Microsoft Defender Advanced Threat Protection and Microsoft Azure Sentinel to elevate Vectra’s unique NDR detections to the Microsoft security platform in the Security Operations Centre, enabling more capability to prevent attackers from establishing footholds across enterprise networks. Vectra has also been invited to become a member of The Microsoft Intelligent Security Association, an ecosystem of independent software vendors purpose-built to defend against increasing cyber threats. A model of modern security operations, the SOC visibility triad, anchored by Vectra’s NDR platform, provides organizations with full visibility into the threats that face their network from cloud to ground.
Traditional SOC processes involving disparate notification tools force analysts to battle massive amounts of inbound alerts, where missed signals are common, and prioritisation of alerts is sparse. Since inception, Vectra has been committed to amplifying the efficiency of existing teams by combining data science and security research to detect and triage attacker behaviours. With Vectra’s open platform and rich technology ecosystem, security operations teams experience reduced workload, deeper context, and faster, more accurate response by leveraging tools they already know and prefer.
Customer benefits of Vectra Integration with Microsoft Defender ATP include:
- Close the network visibility gaps by combining Vectra’s full 360-degree aerial view of interactions on all your networks with the in-depth ground-level view.
- Enrich the high-fidelity Vectra detections with deep process-level host-context from, giving professionals the information needed to pinpoint attackers.
- Block and isolate attackers, not resources. Take surgical and immediate enforcement actions from Vectra closer to the source.
Customer benefits of Vectra Integration with Microsoft Azure Sentinel include:
- Bring the Vectra high fidelity behavioural detections straight to your Sentinel Workbook for immediate attention with direct links into the Vectra UI for deeper analysis.
- Automate incidents in Azure Sentinel based on configurable threat and certainty score thresholds from Vectra.
- Perform forensic analysis on incidents to identify devices, accounts, and attackers involved. Leverage Vectra threat intelligence feed to proactively prevent future attacks.
“Vectra’s integration of Azure Sentinel and Microsoft Defender ATP will help further empower our customers by allowing them to reduce cyber noise and focus on the most complex issues and threats,” said Mandana Javaheri, Global Director, Cybersecurity Solutions Group at Microsoft. “The complete visibility combined with high fidelity attacker behaviours detections helps significantly strengthen our customers security posture.”
Jitin Dhanani, Senior Director, Business Development, Vectra, adds, “Through this collaboration with Microsoft, our customers will see immediate results without the workload that comes with embedded security silos. Ultimately, this combined effort will result in well-coordinated responses, enhancing the efficiency of their security operations, and reducing the attacker dwell times that drive risk for the business.”