Product Integration Reduces SOC Workload and Amplifies Accurate Response, Vectra to Join Microsoft Intelligent Security Association
SAN JOSE, Calif., June 9, 2020 /PRNewswire/ — Vectra AI, a leader in network threat detection and response (NDR), today announced deep product integration with Microsoft Defender Advanced Threat Protection (ATP) and Microsoft Azure Sentinel to elevate Vectra’s unique NDR detections to the Microsoft security platform in the Security Operations Center (SOC) enabling more capability to prevent attackers from establishing footholds across enterprise networks. Vectra has also been invited to become a member of The Microsoft Intelligent Security Association, an ecosystem of independent software vendors purpose-built to defend against increasing cyber threats. A model of modern security operations, the SOC visibility triad, anchored by Vectra’s NDR platform, provides organizations with full visibility into the threats that face their network from cloud to ground.
Traditional SOC processes involving disparate notification tools force analysts to battle massive amounts of inbound alerts, where missed signals are common, and prioritization of alerts is sparse. Since inception, Vectra has been committed to amplifying the efficiency of existing teams by combining data science and security research to detect and triage attacker behaviors. With Vectra’s open platform and rich technology ecosystem, security operations teams experience reduced workload, deeper context, and faster, more accurate response by leveraging tools they already know and prefer.
Jitin Dhanani, Senior Director, Business Development, Vectra, adds, “Through this collaboration with Microsoft, our customers will see immediate results without the workload that comes with embedded security silos. Ultimately, this combined effort will result in well-coordinated responses, enhancing the efficiency of their security operations, and reducing the attacker dwell times that drive risk for the business.”
Customer benefits of Vectra Integration with Microsoft Defender ATP include:
- Close the network visibility gaps by combining Vectra’s full 360-degree aerial view of interactions on all your networks with the in-depth ground-level view.
- Enrich the high-fidelity Vectra detections with deep process-level host context, giving professionals the information needed to pinpoint attackers.
- Block and isolate attackers, not resources. Take surgical and immediate enforcement actions from Vectra closer to the source.
Customer benefits of Vectra Integration with Microsoft Azure Sentinel include:
- Bring the Vectra high fidelity behavioral detections straight to your Sentinel Workbook for immediate attention with direct links into the Vectra UI for deeper analysis.
- Automate incidents in Azure Sentinel based on configurable threat and certainty score thresholds from Vectra.
- Perform forensic analysis on incidents to identify devices, accounts, and attackers involved. Leverage Vectra threat intelligence feed to proactively prevent future attacks.
“Vectra’s integration of Azure Sentinel and Microsoft Defender ATP will help further empower our customers by allowing them to reduce cyber noise and focus on the most complex issues and threats,” said Mandana Javaheri, global director, Cybersecurity Solutions Group at Microsoft Corp. “The complete visibility combined with high fidelity attacker behaviors detections helps significantly strengthen our customers’ security posture.”
This announcement comes on the heels of an exceptional year of growth for Vectra. In 2019 alone, the company raised $100 million in funding, integrated Vectra with Microsoft Office 365, added two executives to their senior leadership team, expanded business operations in the Middle East and Asia-Pacific regions, disclosed several significant new attack surfaces to the market, and earned numerous industry accolades from top tier analyst and award programs.
Vectra® is a leader in network detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. And Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed. For more information, visit vectra.ai.