Vectra introduces Cognito Recall to deliver AI-assisted threat hunting and enable conclusive incident investigations
Vectra today announced a major expansion of the Cognito platform with Cognito Recall. A comprehensive source of enriched metadata, Cognito Recall empowers highly-skilled security analysts to conduct conclusive incident investigations and perform AI-assisted threat hunting.
Many of today’s threat hunting tools enlist manual techniques, suffer from inflexible data retention and access, rely on expensive and proprietary storage, and lack the fidelity and context required for swift and thorough attack investigations.
Cognito Recall rises above these deficiencies by collecting, analyzing and storing as much metadata as needed for forensic investigations and compliance mandates like GDPR. It also empowers AI-assisted threat hunting using high-quality indicators of compromise and provides a chain of forensic evidence behind every cyberattack.
“We deployed Cognito Recall and it delivered immediate value,” said John Shaffer, CIO at global investment banking firm Greenhill & Company. “Cognito Recall enabled us to more quickly and thoroughly perform an incident investigation based on endpoint security alerts. It empowered our team to do something in minutes that would normally require days and prevented a risk to our business.”
“As operators of some of the most popular online gaming brands in the world, our ability to proactively detect complex, multistage cyberattacks and launch deeper investigations into their root causes is critically important,” said Mark Rodman, department head of information security operations at the Stars Group, owner of PokerStars, the world’s largest online poker site. “Cognito Recall represents a dramatic leap forward in AI-assisted threat hunting and incident investigation.”
Cognito Recall and its equally powerful AI counterpart, Cognito Detect, are cornerstones of the Vectra Cognito platform. Cognito Detect automates the real-time detection of hidden attackers in cloud and data center workloads and user and internet-of-things devices while giving Cognito Recall a logical starting point to perform AI-assisted threat hunting as part of the investigative process.
“While working with customers who use the Cognito platform, we found that they face significant operational challenges when conducting manual forensic investigations and threat hunting,” said Kevin Kennedy, vice president of product management at Vectra. “Cognito Recall tackles these challenges by providing the best single high-fidelity source for enriched metadata coupled with tight integration with Cognito Detect. And by leveraging our cloud delivery, customers benefit from limitless scale and zero management overhead.”
The unique capabilities of Cognito Recall are summarized below:
Vectra Networks is positioned by Gartner, Inc. in the Visionaries quadrant in its 2018 Magic Quadrant for Intrusion Detection and Prevention Systems¹.
¹Gartner, Inc., Magic Quadrant for Intrusion Detection and Prevention Systems, Craig Lawson, Claudio Neiva, January 10, 2018.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Vectra research reveals 90% of surveyed organizations exhibit a form of malicious Remote Desktop Protocol (RDP) behaviors
Vectra expands operations in the Middle East to address the growing demand for network detection and response in the cloud
Vectra introduces the industry’s first privilege-aware network detection and response solution to strengthen the enforcement of zero trust