Cognito Recall

Investigative workbench for conclusive threat hunting and investigations

AI-assisted threat hunting – from cloud and data center workloads to the enterprise

  • Custom-engineered investigative workbench optimized for Vectra metadata – delivering sub-second searches at scale
  • Collect and store rich network metadata, relevant logs and cloud events in real time
  • Perform retrospective threat hunting using security-enriched network metadata
  • Dive deep into incidents triggered by security tools to identify other host devices, accounts and attackers involved in an incident
"Cognito Recall is a dramatic leap forward in AI-assisted threat hunting and incident investigation"

Mark Rodman
Head of Information Security Operations at PokerStars
The Stars Group, Owner of PokerStars, the World’s Largest Online Poker Site

AI-assisted threat hunting

  • Highest fidelity data source: AI-enriched network metadata
  • Deep protocol visibility, not just connectivity attributes
  • Hunt based on device, workload and host name, not just IP addresses
Additional resources:
  • Blog: Why network metadata is just right for your data lake
  • Blog: Don’t do it – Rolling your own production Zeek deployments