Customer story
Financial Services and Banking


At the investment bank of Greenhill and Co., helping clients manage risk is core to its business.


Needed more visibility into the network and an easier way to identify which threats were critical and which threats were not

Selection criteria

An AI-based network detection and response (NDR) solution that quickly identifies critical threats worth investigating and provides network visibility


  • Ability to focus on investigations and proactive threat hunting instead of chasing-down logs
  • Confidence in identifying and stopping privilege escalation and account takeovers in Office 365
  • AI-based algorithms that save time and effort for their security staff
  • Can now pinpoint attacker behaviors on the network and immediately shut down attacks on the endpoint

Greenhill Stops Cyberattacks from Enterprise to Office 365 SaaS with Vectra


Greenhill was grappling with a lack of visibility into its network, making it tough to distinguish which threats were significant and required attention. Moreover, the company was facing issues with alert fatigue due to an overwhelming volume of security logs, and was particularly concerned about the rising incidents of credential abuse and account takeovers in SaaS platforms like Microsoft Office 365.


Greenhill deployed the Vectra AI Cognito platform, an AI-driven solution that provided real-time, automated detection of cyberattack behaviors. In addition to managing security on their network and data centre, Cognito Detect was also deployed for Microsoft Office 365 to proactively identify and respond to hidden cyberattackers and prevent data breaches.

Customer benefits

Vectra AI's solution gave Greenhill complete visibility across its entire network, reducing the event workload by filtering through security logs and giving priority to the most critical threats. This allowed more focused time on investigations and proactive threat hunting instead of chasing logs. Additionally, the artificial intelligence-based algorithms developed by Vectra learned to distinguish between normal behavior and malicious activity, saving valuable time and effort for the company's security staff.

“Attackers today evade firewalls, IDS and other legacy security systems and spread inside the network looking for assets to steal.”

John Shaffer
CIO Greenhill

“Vectra gives us a head start in the network and CrowdStrike speeds across the finish line at the endpoint.”

John Shaffer
CIO Greenhill