Vectra Unifies AI-driven Behavior-based Detection and Signature-based Detection in a Single Solution
Vectra AI announced the introduction of Vectra Match. Vectra Match brings intrusion detection signature context to Vectra Network Detection and Response (NDR), enabling security teams to accelerate their evolution to AI-driven threat detection and response without sacrificing investments already made in signatures.
“As enterprises transform, embracing digital identities, supply chains and ecosystems — GRC and SOC teams are forced to keep pace. Keeping pace with existing, evolving and emerging cyber threats requires visibility, context and control for both known and unknown threats. The challenge for many security organisations is doing so without adding complexity and cost,” says Kevin Kennedy, SVP Products at Vectra. “Vectra NDR now enables security teams to unify signatures for known threats and AI-driven behavior-based detection for unknown threats in a single solution.”
With the addition of Vectra Match, Vectra NDR addresses core GRC and SOC use cases enabling more efficient and effective:
- Correlation and validation of threat signals for accuracy.
- Compliance for network-based CVE detection with compensating controls.
- Threat hunting, investigation and incident response processes.
According to Gartner, “recent trends in the NDR Market indicate many NDR offerings have expanded to capture new categories of events and to analyse additional traffic patterns. This includes new detection techniques: by adding support for more traditional signatures, performance monitoring, threat intelligence and sometimes malware detection engines. This move toward more multifunction network detection aligns well with the use case of network/security operations convergence, but also with midsize enterprises.”
“The attack surface cyber attackers have at their disposal continues to grow exponentially creating unknown threats on top of the tens of thousands of known vulnerabilities that exist. Attackers simply have exponentially more ways to infiltrate an organisation and exfiltrate data — and do so with far more frequency, velocity and impact. Keeping pace with attackers exploiting known vulnerabilities and unknown threats is an immense challenge for every Security, Risk and Compliance officer,” says Ronald Heil, Global Risk Advisory Lead for Energy and Natural Resources and Partner at KPMG Netherlands. “Today, cyber-resilience and compliance requires complete visibility and context for both known and unknown attacker methods. Without it, disrupting and containing their impact becomes an exercise in brand reputation and customer trust damage control. Vectra Match capabilities allow us to combine both worlds, having the continued AI-based detection of real-time “movement”, while also having the ability to check against specific Suricata indicators — often required during incident response or proof of compliancy (e.g., Log4J). Consolidating AI-based and signature-based detection enables optimisation, because in our case, less is more.”
Vectra NDR with Vectra Match
Vectra NDR — a key component of the Vectra platform — provides end-to-end protection against hybrid and multicloud attacks. Deployed on-premises or in the cloud, the Vectra NDR console is a single source of truth (visibility) and first line of defense (control) for attacks traversing cloud and data centre networks. By harnessing AI-driven Attack Signal Intelligence, Vectra NDR empowers GRC and SOC teams with:
- AI-driven Detections that think like an attacker by going beyond signatures and anomalies to understand attacker behavior and zero in on attacker TTPs across the entire cyber kill chain post compromise, with 90% fewer blind spots and 3x more threats proactively identified.
- AI-driven Triage that knows what is malicious by utilising ML to analyse detection patterns unique to the customer’s environment to score how meaningful each detection is, thus reducing 85% of alert noise — surfacing only relevant true positive events that require analyst attention.
- AI-driven Prioritisation that focuses on what is urgent by automatically correlating attacker TTPs across attack surfaces, evaluating each entity against globally observed attack profiles to create an attack urgency rating enabling analysts to focus on the most critical threats to the organisation.
Vectra NDR empowers security and risk professionals with next-level intrusion detection. Armed with rich context on both known and unknown threats, GRC and SOC teams not only improve the effectiveness of their threat detection, but the efficiency on their threat hunting, investigation and incident response program and processes.
Vectra NDR with Vectra Match is available for evaluation and purchase today.