 back to blog

Automate Response and Speed Remediation with Swimlane and Vectra

November 11, 2019
Please note that this is an automated translation. For the most accurate information, refer to the original version in English.

Security teams are overburdened with alerts, increasing the risk of alert fatigue and allowing attackers to be active inside the enterprise network. In addition, organizations need greater visibility into threats and the devices and accounts used in attacks against them.

That’s why we are happy to announce the integration of Vectra Cognito automated threat detection and response platform with the Swimlane security orchestration, automation and response (SOAR) platform. This integration delivers automated and actionable intelligence that reduces the security team’s workload and the time attackers are active inside the network.

Once the Cognito platform identifies an infected device, its IP address and threat certainty are ingested into Swimlane over an API-first architecture, which centralizes information from the Cognito platform and other systems. Swimlane then triggers automated response workflows to other security tools to notify users, dynamically segment or quarantine the infected device, stop communication with a command and control (C&C) server or prevent data exfiltration across all device types and network tiers.

By combining data science and machine learning, Vectra provides inside-the-network threat detection as a next layer of defense in today’s security infrastructure. With sophisticated automation and response tools seamlessly integrated across the security ecosystem, Swimlane enables an instant automated response to quarantine an infected device and stop communication with a C&C server, providing a foundation that secures against the broadest spectrum of threats.

Together, Cognito and Swimlane deliver automated and actionable intelligence that reduces the security operations center (SOC) workload and the time attackers are active inside the network. Learn more in the solution brief.

Want to learn more?

Vectra® is the leader in Security AI-driven hybrid cloud threat detection and response. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure – both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization.

If you’d like to hear more, contact us and we’ll show you exactly how we do this and what you can do to protect your data. We can also put you in contact with one of our customers to hear directly from them about their experiences with our solution.

Get in touch