Introducing the Vectra AI Platform: the integrated signal powering your XDR

August 8, 2023
Mark Wojtasiak
Vice President of Product Marketing

Today, we announced our new platform – the Vectra AI Platform, and first and foremost, we want to thank our customers – the hundreds of security leaders, architects, engineers and analysts who gave us their time, shared their challenges, insights, and advice over the course of the last couple years that got us to where we are today.

The Vectra AI Platform was built in partnership with and for our customers. It is the manifestation of countless customer conversations, advisory panels, user feedback sessions, and roadmap reviews. Each interaction with our customers, whether it was with a CISO, SOC Leader, Security Architect or SOC Analyst, centered on what they want from their security partner, and what they want is outcomes. They want...

  • To be resilient to the ever evolving and emerging sophistication of cyber-attacks.
  • To modernize their security operations with AI and ML without needing to completely start over. 
  • To move at the speed and scale of attackers and stop them earlier in their progression. 

To deliver on customer outcomes, we needed to think upstream and understand what is at the core of their problem. Why was achieving their desired value outcomes so challenging? We all know the symptoms of the problem – at Vectra AI we’ve been referring to it as the spiral of more:

  • More attack surface means more evasive attacker methods
  • More detection tools, rules, complexity and cost
  • More alerts, workload, stress and burnout

The defenders' dilemma: a vicious spiral of more.

But nearly every security company claims to address the symptoms – the pain points. We needed to identify the core problem and build a platform that addressed the challenges of resilience, SOC modernization and moving at the speed and scale of advanced attacks. All three came down to one thing – integrated signal. So, we built the Vectra AI Platform based solely on delivering the integrated Attack Signal Intelligence security leaders, architects, and analysts need to build their resilience, modernize their SOC and keep pace with advanced attacks.

The Integrated signal powering your XDR

As we embarked on this journey, customers often asked us “so are you becoming an XDR?” Oh, the dreaded security category question that translates to “where do you fit?” To answer this question, we always go back to the problem we solve, and the outcomes customers are after. Here’s how we answer that question:

As enterprises shift to hybrid cloud, attackers become more evasive and new attacker methods emerge. To combat this, customers need real-time, integrated signal across all their hybrid attack surfaces to detect, investigate and respond to hybrid attacks at speed and scale. In our eyes, XDR is simply the market’s admission that EDR is not enough. Organizations need integrated, accurate threat signal across endpoints, networks, identities, and clouds to accelerate detection, investigation and automate incident response. The value of an XDR strategy is integrating signal to accelerate detection, investigation and response. Vectra AI delivers integrated Attack Signal Intelligence at speed and scale, fulfilling the promise of XDR.

So, are we XDR? We are focused on outcomes, not acronyms. We are 100% focused on integrating attack signal across endpoint, network, identity, SaaS and public cloud to detect, prioritize, investigate and respond to attacks at speed and scale. Our goal is to deliver the best integrated attack signal for hybrid cloud enterprises. If that's what you mean by XDR, then yes that is our strategy!

Integrated Signal breaks the spiral of more

Vectra AI's platform and services that power XDR

Integrated signal thinks like a hybrid attacker:

  • Covering more than 90% of MITRE ATT&CK techniques with the most patented and proven MITRE D3FEND countermeasures  
  • Combining AI-driven behavior-based detection, signatures and threat intelligence for the most accurate representation of active attacks in progress  
  • Mapping attacker progression and lateral movement from data center to cloud, cloud to data center and cloud to cloud across networks, identities, SaaS, public clouds. 
  • Zeroing in on attacker behavior, analyzing in many dimensions to see real attacks in a sea of different, while patented Privileged Access Analytics (PAA) focuses on the accounts most useful to attackers
  • Learning customers’ unique environments to distinguish between malicious and benign events to eliminate 80% of alert noise  
  • Prioritizing entities (hosts and accounts) across domains based on urgency and importance, saving individual SOC analysts over three hours per day of alert triage   

Integrated signal arms human intelligence with integrated investigations that are sophisticated enough for experienced analysts and simple enough for junior analysts, putting humans in control of response:

  • Instant Investigations arm analysts of every skill-level with quick start guides to investigate prioritized entities under attack 
  • Advanced Investigation enables forensic analysis of Azure AD, Microsoft 365, or AWS Control Plane logs directly in the platform user interface (UI)
  • AI-Assisted Investigation leverages large language models (LLMs) to provide analysts with a simple way to gather 360 degrees of context on entities under attack
  • Native and integrated response actions to manually or automatically lock down an account, isolate an endpoint, or trigger a SOAR playbook or ITSM ticket.

Integrated signal enables Hybrid SOC as SOC teams continue to be stretched thin while the volume and variety of high-speed hybrid attacks grow. With the Vectra AI Platform, enterprises can take advantage of analyst reinforcements in the form of Vectra MDR services including:

  • Shared roles and responsibilities for monitoring, detection, investigation, hunting and response. 
  • Shared analytics on attacker behavior and emerging attacker methods. 
  • Shared transparency around SLAs, metrics, and reporting.

So, once again, thank you to our customers for keeping us honest, focused and driven by your outcomes because at the end of the day, it’s why we built the Vectra AI Platform. It’s why we believe integrated signal is the key to building resilience to the ever evolving and emerging sophistication of hybrid attacks, to modernizing the SOC, and to moving at the speed and scale of attackers and stopping them early in their progression.

For more information on the Vectra AI Platform, check out these resources: