 back to blog

Vectra AI's User-Centric Approach to Delivering Advanced Attack Signal Intelligence

Padraig Mannion
Director of UX
May 3, 2023
Please note that this is an automated translation. For the most accurate information, refer to the original version in English.

Vectra AI is dedicated to developing powerful AI-driven tools to identify advanced cyber attackers in hybrid and multi-cloud environments. By engaging in extensive conversations with our users and understanding their needs, we have updated our scoring model and introduced a streamlined workflow to help cybersecurity professionals prioritize threats more effectively and better manage their daily tasks.

The New Urgency Score: A User-Centric Approach to Threat Prioritization

“Give me transparency of your scoring, help me understand what it is doing and let me optimise it for my environment.” -Finance Sector

Based on valuable user feedback, we've replaced the high-level concepts of threat and certainty with the more granular and comprehensive Urgency Score. This user-centric metric is designed to be unambiguous, weighted correctly across attack surfaces, and can be broken down into individual components, allowing cybersecurity professionals to better understand the prioritization of threats and respond accordingly.

The Urgency Score combines Vectra AI's advanced Attack Rating with user-defined Entity Importance, providing more effective threat prioritization.

The Attack Rating considers a combination of detections observed on individual hosts or accounts, attack velocity and the breadth of detections across the kill chain stages.

The Entity Importance is primarily determined by the user, allowing them to create groups for hosts or accounts and assign importance values. Vectra AI also leverages its learning models to treat hosts and accounts with high privilege access as high-importance entities.

“if something is caught in my financial network, I want to know first, even if it’s in the lower quadrant, that has a bigger impact then something that is in critical from my user network… being able to have a weight on a network assignment within Vectra would be phenomenal” -Healthcare Sector

Streamlined Workflow with Respond andHunt Pages: A Response to User Needs

The redesigned workflow, featuring the Respond and Hunt pages, significantly improves the way users interact with Vectra AI's platform, thanks to insights gathered from user feedback.

The Respond page serves as a to-do list for SOC analysts, displaying only entities with significant Urgency Scores that warrant an alert or notification. This prioritized list helps analysts understand what issues need to be addressed and in what order, ensuring they stay focused on the most important tasks.

The Hunt page, on the other hand, is an AI-powered gateway for proactive threat hunting. It provides a view of all entities in the environment, even those with behaviours not significant enough to warrant an alert from Vectra. This comprehensive list allows users to identify subtle patterns that may be significant to their investigations.

By placing user needs at the forefront, Vectra AI's new Urgency Score and enhanced workflow provide cybersecurity professionals with a more effective and user-friendly platform for threat prioritization and management. This user-centric approach empowers users to better address their security needs, ultimately strengthening their overall cybersecurity posture. Learn more about Vectra's AI-driven Threat Detection and Response platform, today.

Want to learn more?

Vectra® is the leader in Security AI-driven hybrid cloud threat detection and response. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure – both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization.

If you’d like to hear more, contact us and we’ll show you exactly how we do this and what you can do to protect your data. We can also put you in contact with one of our customers to hear directly from them about their experiences with our solution.

Get in touch