Vectra AI has strengthened its leadership in Security Operations Centre (SOC) transformation and AI-driven analytics by joining CrowdStrike's CrowdXDR Alliance as a partner.
Becoming a CrowdStrike partner also expands upon the capabilities of Falcon XDR.
The CrowdXDR Alliance is an industry-first technology ecosystem that combines security and IT offerings to provide security teams with unified threat-centric detection and response.
Vectra acknowledges that IT leaders are increasingly looking at XDR for a more unified approach to detecting and mitigating cyber threats across the current landscape by implementing automation and analytics.
It adds that the company's 'assume compromise' approach has resulted in a change from reactive to proactive threat detection capabilities, which is a crucial step in transforming the traditional SOC.
“XDR brings an intelligent and platform-based approach to cybersecurity, a much-needed evolution in IT security strategy,” Vectra Asia Pacific and Japan regional vice president David Sajoto says.
“We are delighted to be a partner in the CrowdXDR Alliance, sharing our expertise and capabilities to support the Alliance's shared goals of detecting advanced threats, stopping malicious actors and preventing future attacks.”
According to Gartner, vendor consolidation is among the top security and risk management trends for 2022.
Vectra says this highlights that security leaders must move beyond strategies to protect an expanding digital footprint against emerging threats.
“Since its inception, the CrowdXDR Alliance has been committed to open and unified data sharing amongst our trusted technology partners,” CrowdStrike APAC - Japan sales engineering vice president Sheriff El Nabawi says.
“Together, we work with a long-term vision towards solving gaps in cyber threat investigation and threat detection.
“Combining our strong response capabilities has established a more holistic view and community-driven approach for proactive action towards cybersecurity defence.”
Sajoto agrees, noting that an open XDR alliance is a vital first step in addressing the complex and rapidly evolving threat landscape that security teams are now facing.
He also believes that given the scale, intensity, and sophistication of modern-day cyber-attacks, prevention alone and the analysis of high-volume, low-relevance anomalies are no longer enough.
“Today's SOC is putting their organisation at risk if they don't accelerate forward from traditional prevention-only strategies,” Sajoto adds.
“Attackers are agile, constantly evolving their approach and applying more advanced surveillance and attack methods every time.
“Vectra is at the forefront of driving SOC transformation, moving away from traditional security approaches and enabling total attack surface coverage and containment.
“The road to cyber resilience for many businesses will require a transformed, AI-driven SOC.”
This partnership comes after Vectra became an Amazon Web Services (AWS) Security Competency Partner.
According to Vectra, the announcement further confirms its technical expertise and proven customer success when safeguarding AWS environments.
The competency designation recognises that Vectra has demonstrated deep cloud security expertise and has proven technology that helps customers further enhance their security measures across hybrid architectures and cloud environments.
An Amazon Web Services Security Competency differentiates Vectra as an AWS Partner Network (APN) member that provides specialised threat detection technology designed to help enterprises adopt, develop, and deploy complex security projects on Amazon Web Services. To receive this designation, APN members must possess deep AWS expertise and deliver solutions seamlessly on Amazon Web Services. Vectra achieved its AWS Security Competency status through a rigorous qualification process based on customer references and feedback.
The Vectra platform integrates with AWS Virtual Private Cloud (VPC) traffic mirroring to monitor all infrastructure-as-a-service traffic. It also works with AWS Security Hub to publish Vectra detections as findings in the hub, allowing security teams to correlate Vectra attacker detections with other data sources for faster threat hunting and incident investigations.