Vectra Detect for Office 365 Key Capabilities
Vectra Detect for Office 365 — now known as Cloud Detection and Response (CDR) for M365 — is the industry’s most advanced AI-driven attack defense for identifying and stopping threats and attacks across your M365 environment.
Vectra CDR for M365 harnesses Security AI-driven Attack Signal Intelligence™ to go beyond simple anomaly detection to analyze and understand attacker behavior. This ensures early detection with clarity, precision and context to erase unknowns and surface threats, attacks and malicious activities across a full chain of suspicious events.
With Vectra, organizations see, understand and effectively respond to threats and attacks other solutions miss so security teams spend less time tuning, hunting and investigating — and can respond to attacks sooner.
- AI-driven Detection
Harnessing Security AI-driven Attack Signal Intelligence, Vectra goes beyond signatures and simple anomaly detection to expose the complete narrative of attacks facing M365 applications. Pre-built detection models accurately detect and correlate attacker activity, automating the complex analysis of M365 data to reveal over 90% of malicious techniques in the MITRE ATT&CK framework.
- AI-driven Triage
Harnessing Security AI-driven Attack Signal Intelligence, Vectra understands previously prioritized threats and suspicious M365 activity. Vectra continuously analyzes M365 incidents and distinguishes malicious events from benign incidents and automates manual tasks with the perspective of an expert analyst, so associated risk scores, context and commonalities are triaged as ‘true’ detections.
- AI-driven Prioritization
Harnessing Security AI-driven Attack Signal Intelligence, Vectra automatically correlates, scores and ranks multiple and concurrent detections when events unfold. AI analytics automatically assess incidents against extant events to the degree of a highly experienced security analyst — instantly revealing levels of risk exposure and related prioritization so SecOps can devote more time to driving action plans.
- Advanced Investigation
Vectra simplifies deep investigation and puts answers at analysts’ fingertips, reducing the effort and time it takes to run complex queries and interpret findings. For M365, Vectra CDR uniquely curates large volumes of sourced data behind each detection, then leverages AI to derive more meaning and to surface insights in minutes. Investigators quickly understand the “who,” “what,” “when” and “how” details behind threats along with the far-reaching effects they will have on M365 apps and data.
- Automated Workflows
Eliminate time-consuming tasks required to aptly monitor and assess cloud logs, investigate detections, initiate threat response and arrive at attribution with threats. Vectra does the work in minutes, so analysts can see compromised accounts, offending apps and how users are accessing tenants.
- Targeted Response
With deeper threat context than native Microsoft tools, security teams gain rich capabilities to respond, contain, investigate, communicate and address compromised systems in less time. Resilient analyst-driven enforcement puts humans in control of response with a flexible approach that allows automated workflows or in-UI, analyst-triggered actions. Out-of-the-box response controls include tools and playbooks already in place — all together instilling confidence throughout the team, reducing burnout and minimizing cost.