Vectra - AI Attack Detection and Threat Hunting
Vectra® is an artificial intelligence company that is transforming cybersecurity. Its Cognito™ platform is the fastest, most efficient way to detect and respond to cyber attacks, reducing security operations workload by 168X. Cognito performs real-time attack hunting by analyzing rich metadata from network traffic, relevant logs and cloud events to detect attacker behaviors within all cloud and data center workloads, and user and IoT devices. Cognito correlates threats, prioritizes hosts based on risk and provides a rich context to empower response. Cognito integrates with endpoint, NAC, firewall security to automate containment, and provides a clear starting point for searches within SIEM and forensic tools.
WIRD Group has been a Vectra partner of the first hour for offering these highly innovative, ai-based security solutions to Swiss corporate and institutional clients.
The Vectra Cognito Platform Consists of Detect and Recall
Cognito Detect™
-
Reveal hidden and unknown attackers in real time with machine learning, data science and behavioral analytics working in concert.
-
Conclusively detect threats based on indicators of compromise from hunting operations and high-quality threat intelligence feeds.
-
Full threat context eliminates manual guesswork and puts the most relevant attack details at the analyst's fingertips.
-
Drive dynamic incident response rules and automatically trigger responses from existing security enforcement points.
Cognito Recall™
-
Hunt for threats retrospectively to determine whether newly discovered indicators of compromise exist in historical data.
-
Accelerate incident investigations with conclusive, actionable context about compromised devices and workloads over time.
-
Quickly and easily find all devices or workloads accessed by compromised accounts and identify files involved in exfiltration.
-
Rich, historical metadata is stored in the cloud for as long as it is needed to augment incident investigations.