

Vectra + Splunk
Vectra and Splunk partner to solve the most persistent problem facing today’s enterprise cybersecurity teams – finding and stopping active cyberattacks while getting the most out of limited time and resources.
Integrate Splunk with Vectra
Faster, context-driven investigations into active cyberattackers
Speed up investigations by having the Vectra Threat Detection and Response platform automatically triage and score hosts, ranked by risk, in the Splunk dashboard
Enhance workflows in Splunk across the entire attack lifecycle with Vectra’s visibility of all threats, known and unknown
Gain valuable insight by enabling security teams to correlate detections from Vectra with other events in Splunk
Bring Vectra Detection to Workbooks in Splunk
- The Vectra App for Splunk provides an interactive dashboard to show the number of hosts classified as critical, high, medium, and low risk
- Speed up investigations with drill-downs into each category to filter on that particular detection’s severity
- A link back into Vectra’s user interface allows a seamless transition to drive prioritization and workflow


Automate Response with Splunk Phantom
- The Vectra Active Enforcement application for Splunk Phantom automates response by enabling quick and effective enforcement actions
- Splunk Phantom receives alerts from Vectra based on the risk of a host and responds automatically as defined by a Splunk Phantom playbook
- Analysts can also manually trigger a response from the Vectra UI by using predefined event tags and take action before damage is done

Vectra for Splunk Delivers Unified Threat Visibility Across Attack Surfaces

Learn more about the Vectra platform
Vectra AI Platform
Learn about Vectra’s coverage with one-page explanations of each detection including possible triggers, root causes, business impacts and steps to verify.
How a pharmaceutical company stopped Maze ransomware with AI-driven detection and response.
Zero Trust coverage ensures that even if a host or account is compromised, further lateral movement is blocked within the network.