Vectra AI

Cognito platform from Vectra

AI-driven threat detection and response platform
Value Proposition

Problem

Solution

Vectra is revolutionizing network detection and response with the Cognito platform, which replaces legacy technology that fails to solve today’s security challenges – from hybrid and cloud-native AWS and Azure environments to data center workloads, and user and IoT devices. The Cognito platform accelerates customer threat detection and investigation using sophisticated artificial intelligence to collect, store and enrich network metadata with insightful context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store enriched metadata and investigate threats. Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed.

Features

  • Extracts hundreds of metadata attributes from raw network traffic and presents them in a compact, easy-to-understand Zeek format that leverages existing software tooling.
  • Security insights generated by machine learning are embedded in the metadata to provide powerful building blocks threat hunters can combine with their own unique expertise to quickly reach conclusions.
  • Investigations based on hosts, not IP addresses
  • Real-time collection and storage of enriched network metadata, relevant logs and cloud events enables threat hunters to leverage the deep knowledge and insight of advanced attackers.
  • Associates network metadata with devices, not just IP addresses, and provides an instant view of device activity over time, regardless of IP address changes.
  • Threat hunters can rely on enriched network metadata that is stored and searched for as long as they need it, while Vectra manages the infrastructure.
  • Always-learning behavioral models use AI to efficiently find hidden and unknown attackers to enable quick, decisive action and provide a clear starting point for an incident investigation.
  • Eliminates the endless hunt and search for advanced cyberattacks and enables immediate action by proactively putting the most relevant context at the security analyst’s fingertips.
  • Integrates with endpoint detection and response, network access control, firewalls and other enforcement points to block new classes of threats and provide a starting point for incident investigations within Cognito Recall, data lakes and SIEMs.