Vectra AI, a pioneer in the cloud and network detection and response (NDR) released extended endpoint detection and response (EDR) native integration support in the Cognito platform to enhance the user experience for the security tools and procedures already deployed in their arsenal.
Providing comprehensive security solutions
By unifying the NDR and EDR experience in a single UI, users get fast, simple, turnkey integrations that offer comprehensive security coverage across the enterprise, IoT devices, hybrid cloud, and cloud-native applications. To build on this coverage, Vectra adds additional support for VMware Carbon Black EDR, VMware Carbon Black Cloud, Sentinel One Singularity, and FireEye Endpoint Security to its extensive list of native EDR integration partners, including CrowdStrike and Microsoft Defender for Endpoint.
Host Lockdown enables the Vectra Cognito platform to automatically disable hosts that show suspicious activity
With these integrations, users extend the unique ability to automatically respond with Vectra Host Lockdown. Host Lockdown enables the Vectra Cognito platform to automatically disable hosts that demonstrate suspicious activity at the endpoint and give analysts the option to manually disable hosts during a security investigation.
Disabling a host will significantly slow down an active attack by limiting an attacker's access to additional resources. This drastically curtails the attack's reach and gives the Security Operations Center (SOC) more time to investigate and remediate attacks.
Extending visibility options
“Vectra has always recognised the need to integrate with the best of breed security solutions and leads the way with over 34 integrations, of which ten are with EDR vendors,” said Jose Malacara, Sr. Product Manager.
“We are committed to offering customers support for their existing tools while expanding their visibility beyond endpoint to network and cloud with the automatic, AI-driven response that makes Cognito so appealing to SOC teams.”
Need for threat detection
It is critical for organisations to have an NDR solution that integrates with a variety of EDR vendors
Modern ransomware and supply chain attacks highlight the need for threat detection not only at the endpoint but also at the network and in the cloud. While other NDR vendors have limited integrations, Vectra is and will continue to build an open platform that’s routed in collaboration and gives organisations complete visibility. These strategically integrated workflows eliminate shifting between security products, so SOC teams can see and stop threats before they become breaches.
According to 451 Research’s Voice of the Enterprise Key Workloads and Projects Advisory report released in September 2020, on average, enterprises have 2.97 endpoint solutions deployed to combat discrepancies in traditional measures highlighted by recent work from home conditions.
To stand the fight against the current threat landscape, it is critical for organisations to have an NDR solution that integrates with a variety of EDR vendors so that full visibility and automated response can be achieved.
- Biometrics
- Industrial security
- Remote security
- Commercial security
- Security management
- Security devices
- Security tagging
- Security monitoring system
- Vehicle tracking
- Intrusion detection
- Industrial security systems
- Network cameras
- Security service
- IP security solutions
- Integration software
- Cyber security
- Internet of Things (IoT)
- Corporate Security
- Data Security
- Cloud security
- Artificial intelligence (AI)
