 back to blog

Automate Response and Speed Remediation with Swimlane and Vectra

November 11, 2019

Security teams are overburdened with alerts, increasing the risk of alert fatigue and allowing attackers to be active inside the enterprise network. In addition, organizations need greater visibility into threats and the devices and accounts used in attacks against them.

That’s why we are happy to announce the integration of Vectra Cognito automated threat detection and response platform with the Swimlane security orchestration, automation and response (SOAR) platform. This integration delivers automated and actionable intelligence that reduces the security team’s workload and the time attackers are active inside the network.

Once the Cognito platform identifies an infected device, its IP address and threat certainty are ingested into Swimlane over an API-first architecture, which centralizes information from the Cognito platform and other systems. Swimlane then triggers automated response workflows to other security tools to notify users, dynamically segment or quarantine the infected device, stop communication with a command and control (C&C) server or prevent data exfiltration across all device types and network tiers.

By combining data science and machine learning, Vectra provides inside-the-network threat detection as a next layer of defense in today’s security infrastructure. With sophisticated automation and response tools seamlessly integrated across the security ecosystem, Swimlane enables an instant automated response to quarantine an infected device and stop communication with a C&C server, providing a foundation that secures against the broadest spectrum of threats.

Together, Cognito and Swimlane deliver automated and actionable intelligence that reduces the security operations center (SOC) workload and the time attackers are active inside the network. Learn more in the solution brief.

Want to learn more?

Vectra® is a leading provider of “seriously intelligent” network detection and response solutions for hybrid and multicloud environments. Vectra does this across the on-prem networks and cloud (IaaS, SaaS, and PaaS), leveraging purpose-built, patented machine learning and AI that covers 97% of the MITRE ATT@CK network-based techniques.

If you’d like to hear more, contact us and we’ll show you exactly how we do this and what you can do to protect your data. We can also put you in contact with one of our customers to hear directly from them about their experiences with our solution.

Get in touch