As the scale and sophistication of network threats continue to increase, businesses need greater visibility into threats and the devices and accounts used in attacks against them. To reduce security operations center (SOC) workload and decrease the time an attacker is allowed to be active in your network, it is essential to have a modern security approach that is built on automated and actionable intelligence.
That’s why we are happy to announce the integration of the Vectra Cognito automated threat detection and response platform with the Sentinel One Endpoint Protection Platform (EPP). This integration enables a complete and authoritative view of a cyberattack by combining the network and the endpoint.
Once a threat is detected, host identifiers and other host data from Sentinel One are shown automatically in the Vectra Cognito UI to enrich Vectra’s detection information from the network perspective and provide security teams with instant access to additional information for verification and investigation. Detections and risk scoring from Vectra are ingested by Sentinel One and combined with internal behavioral detections to reveal traits and behaviors of a threat that are only visible inside the host, and to leverage automated, policy-driven response capabilities to rapidly eliminate the threats.
By combining data science and machine learning, Vectra provides inside-the-network threat detection as a next layer of defense in today’s security infrastructure. And with sophisticated behavioral AI, Sentinel One continuously monitors all endpoint activity and analyzes the data in real time to automatically identify threat activity, enabling it to detect and prevent advanced threats as they happen.
Together, Vectra and Sentinel One lead to fast and well-coordinated responses across all resources, enhance the efficiency of security operations and reduce the dwell times that ultimately drive risk for the business. Learn more in the solution brief.