9 Jun 2020

Vectra AI, a pioneer in network threat detection and response (NDR) announced deep product integration with Microsoft Defender Advanced Threat Protection (ATP) and Microsoft Azure Sentinel to elevate Vectra’s unique NDR detections to the Microsoft security platform in the Security Operations Center (SOC) enabling more capability to prevent attackers from establishing footholds across enterprise networks.

Vectra has also been invited to become a member of The Microsoft Intelligent Security Association, an ecosystem of independent software vendors purpose-built to defend against increasing cyber threats. A model of modern security operations, the SOC visibility triad, anchored by Vectra’s NDR platform, provides organisations with full visibility into the threats that face their network from cloud to ground.  

Enhancing security operations

Traditional SOC processes involving disparate notification tools force analysts to battle massive amounts of inbound alerts, where missed signals are common, and prioritization of alerts is sparse. Since its inception, Vectra has been committed to amplifying the efficiency of existing teams by combining data science and security research to detect and triage attacker behaviors. With Vectra’s open platform and rich technology ecosystem, security operations teams experience reduced workload, deeper context, and faster, more accurate responses by leveraging tools they already know and prefer. This combined effort will result in well-coordinated responses, enhancing the efficiency of their security operations

Jitin Dhanani, senior director, Business Development, Vectra, adds, “Through this collaboration with Microsoft, our customers will see immediate results without the workload that comes with embedded security silos. Ultimately, this combined effort will result in well-coordinated responses, enhancing the efficiency of their security operations, and reducing the attacker dwell times that drive risk for the business.”

Benefits

Customer benefits of Vectra Integration with Microsoft Defender ATP include:

  • Close the network visibility gaps by combining Vectra’s full 360-degree aerial view of interactions on all your networks with the in-depth ground-level view.
  • Enrich the high-fidelity Vectra detections with deep process-level host-context, giving professionals the information needed to pinpoint attackers.
  • Block and isolate attackers, not resources. Take surgical and immediate enforcement actions from Vectra closer to the source.  

Customer benefits of Vectra Integration with Microsoft Azure Sentinel include:

  • Bring the Vectra high fidelity behavioral detections straight to your Sentinel Workbook for immediate attention with direct links into the Vectra UI for deeper analysis.
  • Automate incidents in Azure Sentinel based on configurable threat and certainty score thresholds from Vectra.
  • Perform forensic analysis on incidents to identify devices, accounts, and attackers involved. Leverage Vectra threat intelligence feed to proactively prevent future attacks.

Strengthening security

Vectra’s integration of Azure Sentinel and Microsoft Defender ATP will help further empower our customers by allowing them to reduce cyber noise and focus on the most complex issues and threats,” said Mandana Javaheri, global director, Cybersecurity Solutions Group at Microsoft Corp. “The complete visibility combined with high fidelity attacker behaviours detections helps significantly strengthen our customer’s security posture.”

This announcement comes on the heels of an exceptional year of growth for Vectra. In 2019 alone, the company raised $100 million in funding, integrated Vectra with Microsoft Office 365, added two executives to their senior leadership team, expanded business operations in the Middle East and Asia-Pacific regions, disclosed several significant new attack surfaces to the market, and earned numerous industry accolades from top tier analyst and award programs.