Vectra AI is integrating its network threat detection and response solution with Microsoft Security Services, according to a press release on the company’s website. The vendor is introducing deep product integration with Microsoft Defender Advanced Threat Protection (ATP) and Microsoft Azure Sentinel. This allows Vectra to extend its NDR detections to the Microsoft security platform.
Vectra’s Cognito Platform is a network detection and response solution that delivers intelligent, AI-driven threat detection for cloud, SaaS, and on-premise footprints. The Cognito Platform uses artificial intelligence to detect threats on a network and take actions to remediate them. Vectra collects and stores network metadata and enriches it with machine learning, using its customer pre-built SaaS app to investigate and hunt for threats based on AI-driven detections.
The Vectra integration with Microsoft Defender ATP will help users close network visibility gaps and enrich high-fidelity Vectra detections with process-level host context. It will also allow administrators to more accurately block and isolate attacks rather than resources. In addition, customers will benefit from the integration with Microsoft Azure Sentinel by being able to automate incidents in Azure Sentinel based on Vectra-defined thresholds and perform deep forensic analysis on security incidents.
In the company’s press release, Vectra’s Senior Director, Business Development, stated “Through this collaboration with Microsoft, our customers will see immediate results without the workload that comes with embedded security silos. Ultimately, this combined effort will result in well-coordinated responses, enhancing the efficiency of their security operations, and reducing the attacker dwell times that drive risk for the business.”