Vectra AI

Global provider of Network Detection & Response (NDR)
Network Detection & Response (NDR) solution for detecting and stopping threats through network traffic analysis

Implementing a modern NDR solution, combined and integrated with an EDR solution and Active Directory, enhances the organization’s protection against an additional set of cyberattacks that develop and spread across the organization’s network and would otherwise go unnoticed by traditional security solutions. The NDR solution extracts and analyzes the organization’s network traffic data and, using machine learning algorithms, monitors for suspicious behavior typical of various types of attacks, including Command & Control communication, hidden tunnels, reconnaissance, lateral movement, and data extraction and exfiltration. Some of the advantages for the organization after implementing such a solution are the following:

Vectra AI enables real-time threat detection, both in on-premises data centers and in cloud environments/services such as Amazon, AWS, and Microsoft.

The solution detects unusual behavior of information systems by applying behavioral analysis to network traffic data. Network packets are analyzed using hardware or virtual sensors attached to network devices, and threats can be identified even in encrypted traffic without the need to decrypt it. A strong emphasis is placed on machine learning: the solution works with supervised, unsupervised and deep learning algorithms, providing broad coverage for early detection of attacker behavior and techniques.

Some of the distinctive advantages of Vectra AI over similar products:

  • Behavioral threat detection – Vectra AI detects threats at an early stage by identifying behavioral indicators and actions typical of attackers and by comparing what is happening with the tactics and techniques described in the MITRE ATT&CK framework. The system does not depend on rules and signatures, and can work fully in an air-gapped environment.
  • Complete coverage of the hybrid infrastructure (Network, Public Cloud, Identity, SaaS & Endpoint) – Vectra provides complete coverage of 4 of the 5 pillars, as well as two-way integration with the leading EDR solutions on the market, ensuring comprehensive protection of any hybrid infrastructure.
  • “Signal Clarity” (significant reduction of “noise”, i.e. false-positive alarms) – Vectra AI detects and consolidates in one place information about suspicious activities in the behavior of different hosts, users and applications that point to a common threat (e.g. C2C communication), and provides a single view of the progress and spread of the threat. All detected suspicious activities are accompanied by a description of the detection pattern, which significantly eases the work of SOC analysts and allows for a quick and timely response to a threat.