solutions - Use cases - Threat hunting

Hunt for threats with Cognito RecallTM

The most efficient way to hunt for threats

Track all outbound and inbound communication from host devices

AI-assisted threat hunting:
Looking for active threats

  • Always-learning behavioral models provide a logical starting point to perform AI-assisted threat hunting.
  • Use threat-hunting techniques to investigate indicators of compromise and historic anomalies.
  • Leverage a high-fidelity data source for threat hunting – enriched metadata – which requires far less storage space.
"Vectra makes threat hunting more efficient.”

Liam Fu
Head of Information Security
Shop Direct

In-depth threat investigation:
Find out what happened

  • Discover common threads between entities uncovered through automated threat detection.
  • Deep-dive into incidents triggered by Cognito Detect and other security tools to gain context from threat activity.
  • Find all devices accessed by compromised credentials and identify files involved in exfiltration.
"Vectra dramatically reduces the time we spend on threat investigations.”

Jojo Maalouf
IT Security Manager
Hydro Ottawa

Identify anomalous behaviors

Retrospective threat hunting:
Reevaluate the past

  • Metadata can be stored for a near-limitless period of time for search and analysis in future investigations.
  • Intelligently investigate any workload or device activity over time, regardless of IP address changes.
  • All network metadata is associated with device, workload and host name, not just IP addresses.
  • Deep protocol visibility, not just connectivity, accelerates analysis, investigation and response.
"Vectra provides context to make fast, informed decisions.”

Dave Buffo
Senior Security Administrator
Tri-State Generation and Transmission Association

Enterprise-wide visibility

  • Get conclusive, actionable attack details and statistics about network activity and device behavior.
  • Collect and store rich network metadata, relevant logs and cloud events for incident investigations.
  • High-fidelity visibility into attacker behaviors in cloud and data center workloads and user and IoT devices.
  • Cloud-powered limitless scale enables you to store and search rich metadata for as long as you need it.
"Vectra detects threats across the entire attack surface.”

Enterprise Management Associates
A leading industry analysis and consulting firm