Research, released by Vectra AI and conducted by Sapio Research, found that 63% of SOC analysts report that the size of their attack surface has increased in the last three years, and 67% are unable to manage the number of daily alerts received.
That finding makes sense, considering that enterprises are progressively moving applications, workloads and data to hybrid and multi-cloud environments. This migration has only escalated the compartmentalization and complexity of threat detection and response.
As a result, security teams find themselves caught in a disheartening cycle: an expanding attack surface, a proliferation of evasive attacker tactics, and a growing volume of security alerts, all of which increase the workload and the risk of burnout among SOC analysts, especially in the absence of an effective remedy for sophisticated hybrid attackers.
To address that gap, Vectra AI, a player in the AI-driven cyber threat detection and response space, announced the Vectra AI Platform with patented Attack Signal Intelligence to deliver the integrated signal enterprises need to make extended detection and response (XDR) a reality.
The Vectra AI Platform allows enterprises to integrate Vectra AI’s public cloud, identity, SaaS and network signal with existing endpoint detection and response signal to arm SOC teams to keep pace with the growing sophistication, speed and scale of hybrid attacks.
Here is how the platform works.
The Vectra AI Platform integrates native and third-party attack signals across hybrid cloud domains, including AWS, Microsoft Azure, Google Cloud Platform, Microsoft 365, Microsoft Azure AD, networks, and endpoints using the customer’s chosen EDR tool. This integrated signal covers at least 90% of MITRE ATT&CK techniques, blending AI-driven behavior-based detection, signatures and threat intelligence for precise representation of active attacks. It traces attacker movement from data center to cloud and enables robust threat hunting programs and deep forensic investigations.
Vectra AI's Attack Signal Intelligence uses patented AI to automate threat detection, triage and prioritization across hybrid clouds. By analyzing attacker behavior and focusing on key accounts, it reduces alert noise by 80%, distinguishing between malicious and benign events. This system also prioritizes entities across domains based on urgency, saving SOC analysts over three hours daily.
Vectra AI also enhances security teams' investigation and response processes by providing integrated investigations suitable for all levels of expertise. Notable features include Instant Investigations, offering quick start guides for exploring prioritized entities facing attacks, while Advanced Investigation allows in-depth analysis of Azure AD, Microsoft 365 or AWS Control Plane logs directly within the platform's UI. Additionally, its AI-Assisted Investigation utilizes LLMs to furnish analysts with an effortless method to gather comprehensive context on targeted entities.
“The current approach to threat detection and response is fundamentally broken, as more organizations shift to hybrid environments and security teams continue to face increasing cloud complexity, alert fatigue and analyst burnout,” said Hitesh Sheth, president and CEO of Vectra AI. “As the pioneer of AI-driven threat detection and response, our best-in-class platform delivers the most accurate integrated signal across the hybrid enterprise to make XDR a reality at speed and scale.”
With escalating hybrid and multi-cloud attacks, overburdened SOC teams now have support in Vectra AI's Platform and its MDR services. These services encompass collaborative roles, shared attacker behavior insights and transparent SLAs, metrics and reporting.
Edited by Alex Passett