Vectra and Microsoft Complete the SOC Triad

Cloud to Ground Visibility

It’s impossible to defend what you can’t see. Combine a 360-degree view of identities and interactions across your cloud and datacenter from Vectra, a ground-level device and process view from Defender ATP, and rich application and log data from SaaS deployments such as O365 in Azure Sentinel.

Instantaneous Insights

When attackers are in your environment, speed matters. Bring Vectra's high-fidelity behavioral and identity detections straight to your Sentinel Workbook for immediate attention. Arm analysts with rich host-level details from Defender ATP right in Vectra for quicker investigations.

Informed Response

Block and isolate attackers, not resources. Reduce the risk of breach by taking surgical and immediate enforcement actions from Vectra closer to the source using Defender ATP. Automate incident response in Azure Sentinel based on configurable threat and certainty score thresholds from Vectra.

The SOC Visibility Triad from Gartner combines NDR, EDR and SIEM to offer modern SOCs complete visibility of their environment.

Learn More

Microsoft Defender ATP integration in Vectra

  • Combine Vectra cloud and datacenter detections with in-depth information from Microsoft Defender ATP
  • Bring deep process-level host context from Microsoft Defender ATP into the Vectra Cognito Detect UI
  • Isolate or disable hosts from Vectra Cognito Detect using Microsoft Defender ATP

Vectra custom workbooks in Azure Sentinel

  • Bring Vectra Cognito detections straight to your Sentinel Workbook for immediate attention
  • Automate incidents in Azure Sentinel based on configurable threat and certainty score thresholds from Vectra
  • Perform forensic analysis on incidents to identify devices, accounts, and attackers involved

See how Vectra and Microsoft fulfill the SOC triad

Microsoft Intelligent Security Association Member

Vectra is a proud member of the Microsoft Intelligent Security Association (MISA).