Security teams don’t struggle because of a lack of data - they struggle because of a lack of signal and context.
The Vectra AI Platform solves that by delivering the signal clarity and context analysts need to prioritize, investigate, and hunt hybrid attacks in real time.
Now, we’re extending that clarity and context further with AI-Assisted Search - a faster, simpler way to investigate and hunt across your modern network.
See the Full Story Behind Every Threat
AI-Assisted Search lets analysts ask investigative or hunting questions in plain language.

Powered by AI-enhanced metadata from across network, identity, and cloud, it returns immediate, context-rich answers and even suggests what to explore next.
It’s like having an investigation and hunting companion inside the Vectra AI Platform - one that not only returns the query results, but also provides suggestions and recommended next steps to guide you, helping you uncover what you didn’t know to look for.
Use Cases: Where AI-Assisted Search Delivers Instant Insight
Below are examples of how you can use AI-Assisted Search to turn questions into insights in no time.
Investigate Hybrid Threats
Modern attacks rarely stay in one domain. AI-Assisted Search helps analysts trace activity across network, identity, and cloud - from the first sign of compromise to lateral movement.
Try asking:
- “Show me RDP or NTLM authentications between my domain controllers and untrusted hosts.”
- “Which cloud identities accessed on-prem servers this week?”
- “List all systems communicating with external IPs over uncommon ports.”
- “Identify users with repeated authentication failures followed by successful logins.”
AI-Assisted Search correlates this activity automatically, surfacing suspicious behaviors that may indicate hybrid or multi-stage attacks - giving teams the full picture faster.
Validate Exposure to CVEs and New Threats
When a new vulnerability is published, the first question every analyst asks is: are we impacted?
With AI-Assisted Search, you can validate potential exposure instantly - without waiting for new signatures or building queries manually.
Try asking:
- “Check if any hosts connected to domains linked to the latest Cisco CVE.”
- “Show me devices running outdated versions of OpenSSL.”
- “Find systems using SMBv1 or weak ciphers.”
- “List all external connections made to suspicious IP ranges last week.”
AI-Assisted Search helps teams confirm exposure in minutes - saving time and providing immediate peace of mind during patch cycles or threat disclosures.
Hunt for Known Threat Actors
Threat groups like Scattered Spider, Volt Typhoon, or Qilin are constantly evolving. Their indicators change, but their behaviors don’t. AI-Assisted Search lets analysts quickly look for tactics, techniques, or infrastructure tied to specific actors - using the rich metadata already in the platform.
Try asking:
- “Help me hunt for Scattered Spider activity in my network.”
- “Show me any use of PowerShell with encoded commands.”
- “Find lateral movement attempts using SMB shares or RDP.”
- “List hosts communicating with domains containing .top or .ru.”
With built-in recommendations, you can pivot from one behavior to another seamlessly — following the trail like a seasoned threat hunter.
Ensure Compliance and Strengthen Governance
Beyond threat detection, AI-Assisted Search uncovers policy violations and compliance risks before they become audit findings.
Teams can verify proper data handling, access control, and configuration hygiene - all through simple questions.
Try asking:
- “Show me any unsecured file shares containing sensitive data.”
- “Find hosts using outdated browsers or unpatched systems.”
- “Who accessed HR files outside business hours?”
- “List all users with admin privileges on non-admin systems.”
The ability to quickly confirm compliance posture helps organizations close gaps, reduce audit findings, and maintain stronger governance.
Understand Your Modern Network Better
Visibility is clarity. From uncovering shadow IT to tracking data flows, the feature helps analysts gain deeper institutional knowledge of how their hybrid environment behaves.
Try asking:
- “Which devices are consuming the most network bandwidth?”
- “Are there any unmanaged hosts communicating with my domain controllers?”
- “Show me new cloud identities created in the past 24 hours.”
These insights help teams baseline normal activity, detect anomalies early, and build confidence in their visibility.
Why It Matters
AI-Assisted Search brings the full power of Vectra AI’s enriched metadata to every analyst — transforming data into understanding.
Customers in early access saved up to three hours per investigation and uncovered insights they might have missed, from hidden compliance risks to dormant attack paths.
It’s not just faster — it’s clarity at the speed of a question.
AI-Assisted Search is now available to customers with 14+ days of metadata retention. Upgrade your retention plan to unlock this capability and see the full story behind every threat.
Watch the demo to see how you can move from question to clarity with AI-Assisted Search.