Vectra has invested heavily in building technology partnerships with the best-of-breed vendors that customers use in their daily security operations center (SOC) work. Splunk has always held a prominent place in this mission, especially as the Vectra/Splunk joint solution combines in the SOC visibility triad to give a complete picture of modern enterprise deployments and the threats they face. The only way to empower more efficient security operations is to ensure analysts are working on the right incidents, with the right information, at the right time.
With this backdrop, we are now delighted to announce the expansion of the Vectra partnership with Splunk as a launch partner for Splunk Mission Control, a cloud-based and future-ready unified security operations platform. Vectra is honored to have been selected as the first network detection and response (NDR) solution within the Splunk Partner+ Program and Mission Control Plug-In Framework at launch. Splunk unveiled Splunk Mission Control Plug-In Framework today at Splunk’s .conf20 event to combine Splunk security tools and non-Splunk security tools from a common, cloud-native work surface. When integrated into Splunk Mission Control, these technologies provide unified visibility and control across the entire security ecosystem.
Splunk Mission Control is a unified platform that modernizes and optimizes your team’s security operations. The cloud-based software as a service (SaaS) allows customers to detect, manage, investigate, hunt, contain, and remediate threats and other high-priority security issues across the entire event lifecycle—all from a common work surface.
NDR and SIEM—better together
The Vectra approach to network threat detection blends security researchers’ human expertise with a broad set of data science and advanced machine learning to proactively hunt cyber attackers and reduce business risk in SaaS, IaaS and enterprise networks.
Many organizations are shifting their workloads from client devices and larger enterprise systems inside the organization to the cloud, the new network. The need for security solutions to keep up with this migration, and to detect and stop attacks in the expanded footprint of the cloud, has been critical for joint Vectra and Splunk customers.
The Cognito Platform works in real-time with an organization’s existing cybersecurity investments to accelerate response time, stop the progression of attacks, and avoid data breaches. By tracking account and privilege use in cloud deployments, the Vectra detection models are able to detect and stop modern identity-based attacks in the cloud. With Splunk Mission Control, users can now take advantage of Vectra and other leading technologies from one central SaaS-delivered work surface.
Beyond Vectra’s contribution as the primary NDR solution, Splunk’s inaugural partners span endpoint detection and response (EDR), firewall, and cloud security posture management (CSPM) providers, making it easy to integrate a wide range of traditionally disparate security solutions.
To learn more about the Vectra cloud-based detections, read more or schedule a demo. For more information about the Vectra integration with Splunk, visit the partner page.