National Institute of Standards and Technology (NIST)

  • Network metadata is analyzed by behavioral algorithms to detect threats in real time.
  • Nonstop attacker detection in all cloud/data center workloads and user/IoT devices.
  • Detect and prioritize cyberattacks and trigger real-time notifications to security teams.
  • Consistent reporting of threat detections, causes, business impacts, and steps to verify.

General Data Protection Regulation (GDPR)

  • Augment data handling standards by detecting unauthorized access of personal information.
  • Early detection of hidden cyberattacker behaviors that evade security defenses.
  • Meet the 72-hour notification timeframe using rich context about cyberattacks and a forensic trail of evidence.
  • Nonstop monitoring of all cloud/data center workloads and user/IoT devices for impact assessment.

Federal Financial Institutions Examination Council (FFIEC)

  • Prioritize and correlate the highest-risk threats with compromised in-scope assets.
  • Early detection of ransomware, other malware variants and hidden attacker behaviors.
  • Real-time detection of suspicious use of admin credentials and data from key in-scope assets.
  • Nonstop detection of attack behaviors in all cloud/data center workloads and user/IoT devices.

CDM Phase 3 DEFEND

  • The Cognito platform from Vectra integrates with existing solutions to follow response processes and procedures.
  • Securely and automatically communicate and share incident response data.
  • Extract vital forensic data to reduce the time it takes to understand what occurred and what has been impacted.
  • Find abnormal, anomalous network behaviors and report on them in real time.
  • Generate audit data that meets regulatory requirements.

Defense Federal Acquisition Regulation Supplement (DFARS)

  • Baseline system behaviors by monitoring all cloud/data center workloads and user/IoT devices.
  • Detect the suspicious use of admin credentials and the abuse of administrative protocols.
  • Network metadata is analyzed by behavioral algorithms to detect threats in real time.
  • Detect and prioritize cyberattacks and trigger real-time notifications to security teams.

MITRE ATT&CK for Enterprise

  • Automatically detect and triage 85% of network tactics identified in the MITRE ATT&CK framework.
  • Real-time analysis of threat behaviors in all network traffic – endpoints, servers, virtual workloads and the cloud.
  • Network-wide attacker detection is the most reliable and conclusive way to identify the highest-risk threats.
  • Goes well beyond the ATT&CK framework to detect attackers that encrypt their communication in hidden tunnels.

N.Y. State Department of Financial Services

  • Automatically detects in-progress attacks and prioritizes the highest-risk threats in real time.
  • Tracks all physical and virtual hosts to reveal signs of compromised devices and insider threats.
  • Detects suspicious access to critical assets and policy violations related to data moved out of the network.
  • Nonstop analysis of internal network traffic, internet-bound traffic and workloads to identify system behavior baselines and unapproved activity.

CIS Critical Security Controls

  • Passively monitor and analyze all network traffic to identify authorized and unauthorized devices.
  • Real-time detection of suspicious use of admin credentials and data from key in-scope assets.
  • Early detection of ransomware, other malware variants and hidden attacker behaviors.
  • Detect cyberattackers in hidden DNS, HTTP and HTTPS tunnels and encrypted traffic.

Payment Card Industry Data Security Standard (PCI DSS)

  • Detect early signs of SQL injection attempts, even if the vulnerability or exploit is unknown.
  • Identify suspicious attempts by devices and user accounts to access cardholder data.
  • Real-time detection of compromised user credentials and sharing of access information.
  • Track device activity over time, even if the IP address changes and is used by multiple people.

Adaptive Security Architecture

  • Real-time automated threat detection from cloud and data center workloads to user and IoT devices.
  • Complement prevention efforts by providing intelligence about what to block and when.
  • Drive dynamic response rules, and trigger a response from security enforcement points.
  • Threat intelligence gathered and analyzed to minimize enterprise asset exposure and risk.