Vectra AI, the AI-driven hybrid cloud threat detection and response company, has announced the introduction of Vectra Match.
Vectra Match brings intrusion detection signature context to Vectra Network Detection and Response (NDR), enabling security teams to accelerate their evolution to AI-driven threat detection and response without sacrificing investments already made in signatures.
Kevin Kennedy, SVP Products at Vectra, says, "As enterprises transform embracing digital identities, supply chains and ecosystems GRC and SOC teams are forced to keep pace.
"Keeping pace with existing, evolving and emerging cyber threats requires visibility, context and control for both known and unknown threats. The challenge for many security organisations is doing so without adding complexity and cost."
With the addition of Vectra Match, Vectra NDR addresses core GRC and SOC use cases enabling more efficient and effective:
- Correlation and validation of threat signals for accuracy
- Compliance for network-based CVE detection with compensating controls
- Threat hunting, investigation and incident response processes
David Sajoto, Vice President Vectra Asia Pacific Japan, comments, "CISOs and their SOC teams across Australia and New Zealand are working with a challenging lack of visibility across their hybrid cloud environments, as attacker behaviour continues to evolve.
"Vectra NDR now enables security teams to unify signatures for known threats and AI-driven behaviour-based detection for unknown threats in a single solution."
According to Gartner, recent trends in the NDR market indicate many NDR offerings have expanded to capture new categories of events and to analyse additional traffic patterns. This includes new detection techniques: by adding support for more traditional signatures, performance monitoring, threat intelligence and sometimes malware detection engines.
This move toward more multifunction network detection aligns well with the use case of network/security operations convergence, but also with midsize enterprises, the analysts state.
Vectra NDR, a key component of the Vectra platform, provides end-to-end protection against hybrid and multicloud attacks.
Deployed on-premises or in the cloud, the Vectra NDR console is a single source of truth (visibility) and first line of defence (control) for attacks traversing cloud and data centre networks.
According to the company, by harnessing AI-driven Attack Signal Intelligence, Vectra NDR empowers GRC and SOC teams with the following:
- AI-driven Detections that think like an attacker by going beyond signatures and anomalies to understand attacker behaviour and zero in on attacker TTPs across the entire cyber kill chain post compromise, with 90% fewer blind spots and 3x more threats proactively identified.
- AI-driven Triage that knows what is malicious by utilising ML to analyse detection patterns unique to the customers environment to score how meaningful each detection is, thus reducing 85% of alert noise surfacing only relevant true positive events that require analyst attention.
- AI-driven Prioritisation that focuses on what is urgent by automatically correlating attacker TTPs across attack surfaces, evaluating each entity against globally observed attack profiles to create an attack urgency rating enabling analysts to focus on the most critical threats to the organisation.
Vectra NDR is designed to help security and risk professionals with next-level intrusion detection. Armed with context on both known and unknown threats, GRC and SOC teams can improve the effectiveness of their threat detection, but the efficiency on their threat hunting, investigation and incident response program and processes.