Vectra expands intelligent response capabilities
Extends Vectra automated enforcement capabilities with Microsoft Defender ATP integration
Vectra AI has expanded the response capabilities for its flagship product, Cognito and its Lockdown feature. This builds on top of the automated identity-based enforcement actions in Vectra Cognito, known as Account Lockdown.
The integration with Microsoft Defender Advanced Threat Protection (ATP) will enable Cognito to deliver well-coordinated instantaneous responses directly on device-level. With the ability to block and isolate attackers, not resources, customers will be able to reduce the dwell times without disrupting regular operation.
With the new Microsoft Defender ATP integration, automated response actions are taken one step further, and Cognito Lockdown takes immediate enforcement actions right on the devices involved in an attack.
According to the company, this automation will allow customers to enhance the efficiency of their security operations and spend their time and resources on investigating critical incidents.
Vectra VP of Product Management Kevin Kennedy said: “Together with Microsoft Defender ATP, we can apply the precision of our automated response technology to immediately stop attackers right at the endpoints, before they can act.”
“Integration between Vectra Cognito and Microsoft Defender ATP enables customers to respond to attacks at the endpoints based on Vectra's attacker behaviour detections,” added Alon Rosental, Group Program Manager, Microsoft. “As a result, Vectra gives them the precision and speed they need to tackle any attack without causing disruption.”
Vectra is the first NDR solution to confront automated enforcement based on prioritised, high fidelity attacker behaviours and surgical, identity-based enforcement action. This safeguards malicious access to resources that are critical to the host organisation. Building on this momentum, Vectra has also been invited to become a member of the Microsoft Intelligent Security Association, an ecosystem of independent software vendors purpose-built to defend against increasing cyber threats.
The Vectra open platform and rich technology ecosystem has empowered security operations teams to experience reduced workload, deeper context, and faster, more accurate response.