Vectra AI-based Cybersecurity Solution Integrates with CrowdStrike
February 2018 by Marc Jacob
Vectra announced a significant technology integration and partnership with CrowdStrike that combines two authoritative views of a cyberattack – the network and the endpoint. Together, Vectra Cognito and CrowdStrike Falcon Insight™ create an efficient security operations workflow that reduces response and investigation time, enabling security teams to quickly mitigate high-risk threats.
CrowdStrike Falcon® complements network-based threat detections from Vectra by providing rich contextual data about specific devices that are under attack in the network, including machine name and operating system. With comprehensive endpoint context, IT security teams can quickly identify malicious processes on the endpoint and respond.
The Vectra integration with CrowdStrike empowers joint customers with:
Comprehensive detection – Monitor both network and endpoint activity to find attackers
Rapid triage – Integrated context from network and endpoint enables analysts to quickly assess potential threats and determine the proper course of action
Streamlined remediation – Enables efficient workflows to contain and mitigate attacks through a one-click pivot between consoles to kill suspect processes or quarantine a host to stop any in-progress attack that meets specific requirements
Cognito automates the hunt for hidden cyberthreats by continuously analyzing all network traffic to detect attacker behaviors inside the network. In addition to automatically correlating detected threats with host devices that are under attack, Cognito provides unique context about what attackers are doing and prioritizes threats that pose the biggest risk. Using artificial intelligence (AI), Cognito combines data science, machine learning and behavioral analytics to reveal attacker behaviors without signatures or reputation lists.
With only a single, lightweight endpoint agent, the CrowdStrike Falcon Insight module enables customers to record everything, hunt for threats, and perform real-time and historical searches on endpoint information, as well as respond to threats and contain suspect hosts. Combining the unique threat detection approach of Cognito with context from CrowdStrike Falcon Insight enables security teams to quickly focus their time and resources on preventing or mitigating loss.
Gartner has positioned Vectra as the only company in the Visionaries quadrant of the 2018 Magic Quadrant for Intrusion Detection and Prevention Systems¹. Gartner has positioned CrowdStrike in the Visionaries quadrant of the 2018 Magic Quadrant for Endpoint Protection Platforms².