Actu
Vectra integrates network threat detection and response for Microsoft Security Services
June 2020 by Marc Jacob
Vectra AI announced deep product integration with Microsoft Defender Advanced Threat Protection (ATP) and Microsoft Azure Sentinel to elevate Vectra’s unique NDR detections to the Microsoft security platform in the Security Operations Centre (SOC) enabling more capability to prevent attackers from establishing footholds across enterprise networks. Vectra has also been invited to become a member of The Microsoft Intelligent Security Association, an ecosystem of independent software vendors purpose-built to defend against increasing cyber threats. A model of modern security operations, the SOC visibility triad, anchored by Vectra’s NDR platform, provides organisations with full visibility into the threats that face their network from cloud to ground.
Traditional SOC processes involving disparate notification tools force analysts to battle massive amounts of inbound alerts, where missed signals are common, and prioritisation of alerts is sparse. Since inception, Vectra has been committed to amplifying the efficiency of existing teams by combining data science and security research to detect and triage attacker behaviours. With Vectra’s open platform and rich technology ecosystem, security operations teams experience reduced workload, deeper context, and faster, more accurate response by leveraging tools they already know and prefer.
Jitin Dhanani, Senior Director, Business Development, Vectra, adds, “Through this collaboration with Microsoft, our customers will see immediate results without the workload that comes with embedded security silos. Ultimately, this combined effort will result in well-coordinated responses, enhancing the efficiency of their security operations, and reducing the attacker dwell times that drive risk for the business.”
Customer benefits of Vectra Integration with Microsoft Defender ATP include:
• Close the network visibility gaps by combining Vectra’s full 360-degree aerial view of interactions on all your networks with the in-depth ground-level view.
• Enrich the high-fidelity Vectra detections with deep process-level host-context from, giving professionals the information needed to pinpoint attackers.
• Block and isolate attackers, not resources. Take surgical and immediate enforcement actions from Vectra closer to the source.
Customer benefits of Vectra Integration with Microsoft Azure Sentinel include:
• Bring the Vectra high fidelity behavioural detections straight to your Sentinel Workbook for immediate attention with direct links into the Vectra UI for deeper analysis.
• Automate incidents in Azure Sentinel based on configurable threat and certainty score thresholds from Vectra.
• Perform forensic analysis on incidents to identify devices, accounts, and attackers involved. Leverage Vectra threat intelligence feed to proactively prevent future attacks.
This announcement comes on the heels of an exceptional year of growth for Vectra. In 2019 alone, the company raised $100 million in funding, integrated Vectra with Microsoft Office 365, added two executives to their senior leadership team, expanded business operations in the Middle East and Asia-Pacific regions, disclosed several significant new attack surfaces to the market, and earned numerous industry accolades from top tier analyst and award programs.
