Use cases

Phishing
Automate the handling of phishing incidents and response.

Ransomware
Automated playbooks to circumvent incoming attacks at machine speed.

User life cycle management
Automate users’ on and offboarding. Orchestrate the monitoring of suspicious activities.

Threat Intelligence
Enable continuous updates and data sharing from worldwide intelligence feeds.

Threat Hunting
Gather resources spread across your company to decipher previously unknown threats.

Incident triage
Build automated workflows to depart false positives and duplications from real threats.

Endpoint Protection
Automate and Orchestrate the detection and remediation of incidents on your devices.

Threat Detection
Decipher threats running in your organization by mapping abnormal activities.

Forensic investigation
Alleviate the work of forensics with streamlined resources.

Cloud Security
Maintain constant monitoring of your cloud configuration to reduce risks of misconfiguration.
Integrations

Cybersecurity
Put your cybersecurity stack on steroids
Threat Intelligence
SIEM
Network & Firewalls
EDR
Vulnerability Management
Connect your cybersecurity ecosystem

IT & Business
Break silos in your modern IT stack
Ticketing
Communication
IAM
Cloud
Miscellaneous
Explore the paradigm of fusion

Featured Integrations
We cover your entire environment
Jira
Okta
Splunk
Sentinel One
Slack
CyberReason
Discover our 200+ integrations
ITOps
SecOps
CloudOps
Company
Blog

Use cases

Phishing
Automate the handling of phishing incidents and response.

Ransomware
Automated playbooks to circumvent incoming attacks at machine speed.

User life cycle management
Automate users’ on and offboarding. Orchestrate the monitoring of suspicious activities.

Threat Intelligence
Enable continuous updates and data sharing from worldwide intelligence feeds.

Threat Hunting
Gather resources spread across your company to decipher previously unknown threats.

Incident triage
Build automated workflows to depart false positives and duplications from real threats.

Endpoint Protection
Automate and Orchestrate the detection and remediation of incidents on your devices.

Threat Detection
Decipher threats running in your organization by mapping abnormal activities.

Forensic investigation
Alleviate the work of forensics with streamlined resources.

Cloud Security
Maintain constant monitoring of your cloud configuration to reduce risks of misconfiguration.
Integrations

Cybersecurity
Put your cybersecurity stack on steroids
Threat Intelligence
SIEM
Network & Firewalls
EDR
Vulnerability Management
Connect your cybersecurity ecosystem

IT & Business
Break silos in your modern IT stack
Ticketing
Communication
IAM
Cloud
Miscellaneous
Explore the paradigm of fusion

Featured Integrations
We cover your entire environment
Jira
Okta
Splunk
Sentinel One
Slack
CyberReason
Discover our 200+ integrations
ITOps
SecOps
CloudOps
Company
Blog

Vectra

x Mindflow

Vendor

Overview

Vectra Threat Detection and Response was integrated by Mindflow to enable users to automate their incident management and better protect their information system.

Vectra Overview

Vectra provides a Threat Detection and Response Platform. Using the solution, you can capture data from different points in your systems to get the best context out of every detection. Once captured, Vectra uses its proprietary AI to detect threats and provides responses designed for the hybrid and multi-cloud enterprise.

Using the solution, users can capture data from:

The Public Cloud to capture relevant logs using API calls (read-only permissions). You can map your infrastructure and detect potential compromises due to misconfiguration, credential theft, and supply, stopping them from becoming breaches.

The solution also captures identity data to find compromised AD accounts accessing federated apps and services such as Microsoft 365, Salesforce, AWS, or VPNs. It uses Kerberos traffic, windows event log ingestion, and Azure Active Directory Graph API.

Capture relevant logs of your stack of SaaS tools by using API calls (read-only). You can thus find and stop attacks on data in Microsoft 365 applications like SharePoint, OneDrive, Teams, Exchange, and more.

Finally, you can capture network traffic using cloud, virtual, or physical sensors by deploying sensors. This way, you can detect threats that bypass data center security controls.

As said above, the data captured is then analyzed by extracting metadata elements on which Vectra applies proprietary AI to detect attacker methods in every domain, using the MITRE D3FEND framework.